Add sample of permissions/Fix permissions of existing jobs (#162)

* Add sample of permissions

* fix permissions on Actions

* add checks

Author: m-tmatma

.github/workflows/live-test.yml

@@ -3,7 +3,8 @@ on:
   pull_request:
 
 permissions:
-  contents: read
+  contents: write
+  checks: write
   pull-requests: write
 
 jobs:

.github/workflows/multiple-files.yml

@@ -1,6 +1,12 @@
 name: Test Multipli File
 on:
   pull_request:
+
+permissions:
+  contents: write
+  checks: write
+  pull-requests: write
+
 jobs:
   test-multiple-files:
     runs-on: ubuntu-latest

.github/workflows/test-branch.yml

@@ -4,6 +4,11 @@ on:
   pull_request:
   push:
 
+permissions:
+  contents: write
+  checks: write
+  pull-requests: write
+
 jobs:
   test-branch:
     runs-on: ubuntu-latest

.github/workflows/update-coverage-on-readme.yml

@@ -3,6 +3,12 @@ on:
   push:
     branches:
       - test-branch
+
+permissions:
+  contents: write
+  checks: write
+  pull-requests: write
+
 jobs:
   update-coverage-on-readme:
     runs-on: ubuntu-latest

README.md

@@ -99,6 +99,15 @@ on:
   pull_request:
     branches:
       - '*'
+
+# https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
+# `contents` is for permission to the contents of the repository.
+# `pull-requests` is for permission to pull request
+permissions:
+  contents: write
+  checks: write
+  pull-requests: write
+
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -226,6 +235,15 @@ If your coverage html report will not change, it wouldn't push any changes to re
 name: Update Coverage on Readme
 on:
   push:
+
+# https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
+# `contents` is for permission to the contents of the repository.
+# `pull-requests` is for permission to pull request
+permissions:
+  contents: write
+  checks: write
+  pull-requests: write
+
 jobs:
   update-coverage-on-readme:
     runs-on: ubuntu-latest