Deployment of YAML file for Logic Apps from Github fails due to missing line of code required for permissions

[OmarAbuArisheh]

Investigative information

We have noticed that when trying to Save configuration in the Deployment Center of a Logic App we are getting a Fail in step "Checkout GitHub Actions". After discussion with other Teams in our company, we know that we can fix it by adding 'contents: read' in row 21 of the *.yml file., but we want to know if this can be somehow fixed to avoid that permanently.

https://github.com/Azure/azure-functions-ux/blob/555a525bf52a92d47c1f710456d6a2dc2d4035d0/server/src/workflows/2022-10-01/function-app-configs/dotnetcore-windows.config.yml

Please provide the following:

Timestamp: NA
Function App version: 4
Function App name: NA
Function name(s) (as appropriate): NA
Invocation ID: NA
Region: NA
Repro steps
Provide the steps required to reproduce the problem:

Browse to Logic Apps Standard, go to Deployment Center, try to deploy new Logic App from Github
An error will appear

Expected behavior
Provide a description of the expected behavior.

Deployment should be successful.

Actual behavior
Provide a description of the actual behavior observed.

Getting a permission error as the original YAML file is missing a line of code to address this issue.

Known workarounds
Provide a description of any known workarounds.

Add in line 21: 'contents: read'

Related information
Provide any related information

Programming language used
Links to source
Bindings used
Below is the code without the mentioned part (it should be added after id-token):

name: Build and deploy dotnet core app to Azure Function App - LOGIC APP NAME

on:
push:
branches:
- main
workflow_dispatch:

env:
AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root
DOTNET_VERSION: '6.0.x' # set this to the dotnet version to use

jobs:
build-and-deploy:
runs-on: windows-latest
permissions:
id-token: write #This is required for requesting the JWT

steps:
  name: 'Checkout GitHub Action'
    uses: actions/checkout@v4

  name: Setup DotNet ${{ env.DOTNET_VERSION }} Environment
    uses: actions/setup-dotnet@v1
    with:
      dotnet-version: ${{ env.DOTNET_VERSION }}

  name: 'Resolve Project Dependencies Using Dotnet'
    shell: pwsh
    run: |
      pushd './${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}'
      dotnet build --configuration Release --output ./output
      popd
  
  name: Login to Azure
    uses: azure/login@v2
    with:
      client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID }}
      tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID }}
      subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID }}

  name: 'Run Azure Functions Action'
    uses: Azure/functions-action@v1
    id: fa
    with:
      app-name: 'LOGIC APP NAME'
      slot-name: 'Production'
      package: '${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}/output'