From bf82dffa86729df8b49293edd0626f05db64a8f3 Mon Sep 17 00:00:00 2001
From: dantelmomsft <dantelmo@microsoft.com>
Date: Wed, 9 Oct 2024 16:39:37 +0200
Subject: [PATCH] add github action permission for id-token

---
 .github/workflows/azure-dev.yaml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/workflows/azure-dev.yaml b/.github/workflows/azure-dev.yaml
index 238ef4e..43686d4 100644
--- a/.github/workflows/azure-dev.yaml
+++ b/.github/workflows/azure-dev.yaml
@@ -10,6 +10,12 @@ on:
       - v*.*.*
   workflow_dispatch:
 
+# Set up permissions for deploying with secretless Azure federated credentials
+# https://learn.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-portal%2Clinux#set-up-azure-login-with-openid-connect-authentication
+permissions:
+  id-token: write
+  contents: read
+
 jobs:
   changes-detection:
     runs-on: ubuntu-latest