Update workflow permissions avoid device-flow auth

Author: sd109

.github/workflows/build-push-artifacts.yml

@@ -34,8 +34,13 @@ jobs:
   build_push_images:
     name: Build and push images
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write         # needed for signing the images with GitHub OIDC Token
+      packages: write         # required for pushing container images
+      security-events: write  # required for pushing SARIF files
     needs: changes
-    if: ${{ needs.changes.outputs.images == 'true' || github.ref_type == 'tag' }}
+    # if: ${{ needs.changes.outputs.images == 'true' || github.ref_type == 'tag' }}
     strategy:
       matrix:
         include: