do not use extra unnecessary permisisons in build step

Signed-off-by: Dan Urson <[email protected]>
notdurson · Dec 17, 2024 · 62a6526 · 62a6526
1 parent 8b2b2d5
commit 62a6526
Showing 1 changed file with 0 additions and 3 deletions.
diff --git a/.github/workflows/atlantis-image.yml b/.github/workflows/atlantis-image.yml
@@ -47,8 +47,6 @@ jobs:
     name: Build Image
     permissions:
       id-token: write
-      packages: write
-      contents: read
       attestations: write
     strategy:
       matrix:
@@ -154,7 +152,6 @@ jobs:
         outputs: type=image,name=target,annotation-index.org.opencontainers.image.description=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.description'] }}
 
     - name: "Sign and Attest Image"
-      if: env.PUSH == 'true'
       uses: actions/attest-build-provenance@7668571508540a607bdfd90a87a560489fe372eb # v2.1.0
       with:
         subject-digest: ${{ steps.build.outputs.digest }}