ci: add minimum GitHub token permissions for workflows (#8169)

Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>

.github/workflows/dependabot-merge.yml

@@ -4,6 +4,9 @@ on:
   pull_request_target:
     branches: [ master, next ]
 
+permissions:
+  contents: read
+
 jobs:
   merge-me:
     name: Merge me!

.github/workflows/docker-image-check.yml

@@ -5,6 +5,9 @@ on:
   schedule:
     - cron:  '30 4 * * *'
 
+permissions:
+  contents: read
+
 jobs:
   build:
     runs-on: ubuntu-latest

.github/workflows/nodejs.yml

@@ -12,6 +12,9 @@ on:
 env:
   CYPRESS_CACHE_FOLDER: cypress/cache
 
+permissions:
+  contents: read
+
 jobs:
   build:
     runs-on: ubuntu-latest