From 5277b1dbf0d878dcd54575dd452d2325f53a760e Mon Sep 17 00:00:00 2001
From: Alex <93376818+sashashura@users.noreply.github.com>
Date: Mon, 19 Sep 2022 12:19:35 +0200
Subject: [PATCH] Harden GitHub Workflows security settings

Closes gh-29171
Signed-off-by: sashashura <93376818+sashashura@users.noreply.github.com>
---
 .github/workflows/backport-bot.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/workflows/backport-bot.yml b/.github/workflows/backport-bot.yml
index dc8fd760d66..2c3d36fd7c4 100644
--- a/.github/workflows/backport-bot.yml
+++ b/.github/workflows/backport-bot.yml
@@ -6,8 +6,13 @@ on:
   push:
     branches:
       - '*.x'
+permissions:
+  contents: read
 jobs:
   build:
+    permissions:
+      contents: read
+      issues: write
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3