From 4c8fb3ae2c872d2fe1e13f7f42a5e7dabaaf8159 Mon Sep 17 00:00:00 2001
From: Sam Simpson <sam.simpson@digital.cabinet-office.gov.uk>
Date: Thu, 1 Feb 2024 13:41:39 +0000
Subject: [PATCH] Grant id-token permission in clamav, mongodb and toolbox
 image workflows

---
 .github/workflows/build-clamav-image.yml  | 2 ++
 .github/workflows/build-mongodb-image.yml | 2 ++
 .github/workflows/build-toolbox-image.yml | 2 ++
 3 files changed, 6 insertions(+)

diff --git a/.github/workflows/build-clamav-image.yml b/.github/workflows/build-clamav-image.yml
index 3b99c1b39..3a0901744 100644
--- a/.github/workflows/build-clamav-image.yml
+++ b/.github/workflows/build-clamav-image.yml
@@ -20,6 +20,8 @@ on:
 
 jobs:
   build-and-push-image:
+    permissions:
+      id-token: write
     uses: alphagov/govuk-infrastructure/.github/workflows/build-and-push-image-oidc.yml@main
     with:
       gitRef: ${{ inputs.gitRef || github.ref }}
diff --git a/.github/workflows/build-mongodb-image.yml b/.github/workflows/build-mongodb-image.yml
index dd04c250d..4809586f4 100644
--- a/.github/workflows/build-mongodb-image.yml
+++ b/.github/workflows/build-mongodb-image.yml
@@ -20,6 +20,8 @@ on:
 
 jobs:
   build-and-push-image:
+    permissions:
+      id-token: write
     uses: alphagov/govuk-infrastructure/.github/workflows/build-and-push-image-oidc.yml@main
     with:
       gitRef: ${{ inputs.gitRef || github.ref }}
diff --git a/.github/workflows/build-toolbox-image.yml b/.github/workflows/build-toolbox-image.yml
index 94fca81fb..fa78a03c8 100644
--- a/.github/workflows/build-toolbox-image.yml
+++ b/.github/workflows/build-toolbox-image.yml
@@ -20,6 +20,8 @@ on:
 
 jobs:
   build-and-push-image:
+    permissions:
+      id-token: write
     uses: alphagov/govuk-infrastructure/.github/workflows/build-and-push-image-oidc.yml@main
     with:
       gitRef: ${{ inputs.gitRef || github.ref }}