From 7fb2fb069b050213aafa1df4825204a342ce738a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lu=C3=ADs=20Portela=20Afonso?= <luis.portela@ydata.ai>
Date: Wed, 17 Jul 2024 15:31:53 +0100
Subject: [PATCH] chore(actions): set sbom-action to 0.17.0 and add permission

---
 .github/workflows/prereleased.yaml  | 3 ++-
 .github/workflows/pull-request.yaml | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/prereleased.yaml b/.github/workflows/prereleased.yaml
index e4acf8a..a990b61 100644
--- a/.github/workflows/prereleased.yaml
+++ b/.github/workflows/prereleased.yaml
@@ -25,6 +25,7 @@ env:
 
 
 permissions:
+  actions: read
   id-token: write
   contents: write
   packages: read
@@ -180,7 +181,7 @@ jobs:
     - uses: actions/checkout@v4
 
     - name: Create SBOM
-      uses: anchore/sbom-action@v0
+      uses: anchore/sbom-action@v0.17.0
       with:
         upload-artifact-retention: 1
         format: cyclonedx-json
diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml
index 2aed9d2..e8ebad9 100644
--- a/.github/workflows/pull-request.yaml
+++ b/.github/workflows/pull-request.yaml
@@ -18,6 +18,7 @@ env:
 
 
 permissions:
+  actions: read
   id-token: write
   contents: read
   packages: read
@@ -65,7 +66,7 @@ jobs:
     - uses: actions/checkout@v4
 
     - name: Create SBOM
-      uses: anchore/sbom-action@v0
+      uses: anchore/sbom-action@v0.17.0
       with:
         upload-artifact-retention: 1
         format: cyclonedx-json