Add explicit permissions for CI jobs (#3204)

Author: networkfusion

.github/workflows/devcontainer-all.yaml

@@ -21,6 +21,8 @@ jobs:
   build:
     if: ${{ vars.PUBLISH_DOCKER_IMAGE == 'true' }}
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
 
     - name: Checkout Repository

.github/workflows/devcontainer-azurertos.yaml

@@ -21,6 +21,8 @@ jobs:
   build:
     if: ${{ vars.PUBLISH_DOCKER_IMAGE == 'true' }}
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
 
     - name: Checkout Repository

.github/workflows/devcontainer-chibios.yaml

@@ -21,6 +21,8 @@ jobs:
   build:
     if: ${{ vars.PUBLISH_DOCKER_IMAGE == 'true' }}
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
 
     - name: Checkout Repository

.github/workflows/devcontainer-esp32.yml

@@ -21,6 +21,8 @@ jobs:
   build:
     if: ${{ vars.PUBLISH_DOCKER_IMAGE == 'true' }}
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
 
     - name: Checkout Repository

.github/workflows/devcontainer-freertos-nxp.yaml

@@ -21,6 +21,8 @@ jobs:
   build:
     if: ${{ vars.PUBLISH_DOCKER_IMAGE == 'true' }}
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
 
     - name: Checkout Repository

.github/workflows/devcontainer-smoketest.yaml

@@ -31,6 +31,8 @@ jobs:
         ]
 
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
 
     steps:
       - uses: actions/checkout@v4

.github/workflows/devcontainer-ti.yaml

@@ -21,6 +21,8 @@ jobs:
   build:
     if: ${{ vars.PUBLISH_DOCKER_IMAGE == 'true' }}
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
 
     - name: Checkout Repository