From df5af77a5e6c5ced9ecb003fa4c8245978bbf69f Mon Sep 17 00:00:00 2001
From: Necip Allef <necipallef@gmail.com>
Date: Wed, 18 Sep 2024 15:58:26 +0300
Subject: [PATCH] ci: scope e2e test permissions to job rather than whole
 workflow

---
 .github/workflows/deploy_test_branch.yml | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/deploy_test_branch.yml b/.github/workflows/deploy_test_branch.yml
index ef6eda8a..11cfd07b 100644
--- a/.github/workflows/deploy_test_branch.yml
+++ b/.github/workflows/deploy_test_branch.yml
@@ -5,10 +5,6 @@ on:
       - '**.md'
       - 'cloudformation/*.yml'
 
-permissions:
-  id-token: write # This is required for requesting the JWT
-  contents: read  # This is required for actions/checkout
-
 jobs:
   deploy-test-branch:
     name: Deploy test branch
@@ -71,6 +67,9 @@ jobs:
 
   run-e2e-for-test-branch:
     needs: [deploy-test-branch]
+    permissions:
+      id-token: write # This is required for requesting the JWT
+      contents: read  # This is required for actions/checkout
     name: Run e2e for test branch
     runs-on: ubuntu-latest
     steps: