ci: Use least privilege principle for permissions

Declares only the required permissions per workflow.

Author: flovogt

.github/workflows/deploy.yml

@@ -3,6 +3,9 @@ on:
   push:
     branches: [ main ]
 
+permissions:
+  contents: write
+
 jobs:
   build:
     runs-on: ubuntu-latest

.github/workflows/github-ci.yml

@@ -6,6 +6,9 @@ on:
   pull_request:
     branches: [ main ]
 
+# No permissions are required for this workflow
+permissions: {}
+
 jobs:
   test:
     name: General checks, tests and build

.github/workflows/reuse-compliance.yml

@@ -6,6 +6,9 @@ on:
   pull_request:
     branches: [ main ]
 
+# No permissions are required for this workflow
+permissions: {}
+
 jobs:
   compliance-check:
     name: Compliance Check