From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Tue, 23 Sep 2025 14:19:53 +0000 (+0200)
Subject: docker: Grant enough permissions to sign images
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7bcddb96b8721c1651bbfcb558729111bed01b26;p=thirdparty%2Fpdns.git

docker: Grant enough permissions to sign images
---

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index 133107b83..4e37a27cf 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -8,6 +8,9 @@ on:
 permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
   contents: read
   actions: read
+  # This is used to complete the identity challenge
+  # with sigstore/fulcio when running outside of PRs.
+  id-token: write
 
 jobs:
   call-build-image-auth: