fix: use right token permissions (kedacore#6430)

Signed-off-by: Jorge Turrado <[email protected]>

.github/workflows/main-build.yml

@@ -92,6 +92,9 @@ jobs:
 
   trivy-scan:
     needs: build
+    permissions:
+      contents: read
+      security-events: write
     uses: kedacore/keda/.github/workflows/template-trivy-scan.yml@main
     with:
       runs-on: ubuntu-latest
@@ -102,6 +105,9 @@ jobs:
 
   trivy-scan-metrics-server:
     needs: build
+    permissions:
+      contents: read
+      security-events: write
     strategy:
       matrix:
         runner: [ARM64, ubuntu-latest]
@@ -116,6 +122,9 @@ jobs:
 
   trivy-scan-keda:
     needs: build
+    permissions:
+      contents: read
+      security-events: write
     strategy:
       matrix:
         runner: [ARM64, ubuntu-latest]

.github/workflows/template-smoke-tests.yml

@@ -13,9 +13,6 @@ on:
         required: true
         type: string
 
-permissions:
-  contents: read
-
 jobs:
   smoke-tests:
     name: Validate k8s-${{ inputs.kubernetesVersion }}

.github/workflows/template-trivy-scan.yml

@@ -31,10 +31,6 @@ on:
         required: true
         type: boolean
 
-permissions:
-  contents: read
-  security-events: write
-
 jobs:
   trivy-scan:
     name: Trivy - ${{ inputs.runs-on }} - ${{ inputs.scan-type }} ${{ inputs.image-ref }}