GitHub Workflows security hardening (#2755)

* build: harden closed-issue-message.yml permissions
Signed-off-by: Alex <[email protected]>

* build: harden stale_issues.yml permissions
Signed-off-by: Alex <[email protected]>

Author: sashashura

.github/workflows/closed-issue-message.yml

@@ -2,8 +2,11 @@ name: Closed Issue Message
 on:
     issues:
        types: [closed]
+permissions: {}
 jobs:
     auto_comment:
+        permissions:
+          issues: write # to comment on issues
         runs-on: ubuntu-latest
         steps:
         - uses: aws-actions/closed-issue-message@v1

.github/workflows/stale_issues.yml

@@ -5,8 +5,13 @@ on:
   schedule:
   - cron: "0 0 * * *"
 
+permissions: {}
 jobs:
   cleanup:
+    permissions:
+      issues: write # to label, comment and close issues
+      pull-requests: write # to label, comment and close pull requests
+
     runs-on: ubuntu-latest
     name: Stale issue job
     steps: