From 87867cb2f29e1562ce610b1b918fa844bfd7aeb3 Mon Sep 17 00:00:00 2001
From: Matthias Nannt <mail@matthiasnannt.com>
Date: Thu, 7 Aug 2025 15:46:46 +0200
Subject: [PATCH] chore: address coderabbit suggestions

---
 .github/workflows/chromatic.yml                          | 1 -
 .github/workflows/docker-build-validation.yml            | 2 ++
 .github/workflows/release-docker-github-experimental.yml | 2 ++
 .github/workflows/terraform-plan-and-apply.yml           | 1 -
 4 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/chromatic.yml b/.github/workflows/chromatic.yml
index 2de6b1d13d..2a23e114f3 100644
--- a/.github/workflows/chromatic.yml
+++ b/.github/workflows/chromatic.yml
@@ -14,7 +14,6 @@ jobs:
     name: Run Chromatic
     runs-on: ubuntu-latest
     permissions:
-      contents: read
       packages: write
       id-token: write
       actions: read
diff --git a/.github/workflows/docker-build-validation.yml b/.github/workflows/docker-build-validation.yml
index b8085f6f0e..d2d6192dd0 100644
--- a/.github/workflows/docker-build-validation.yml
+++ b/.github/workflows/docker-build-validation.yml
@@ -46,6 +46,8 @@ jobs:
 
       - name: Checkout Repository
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          fetch-depth: 0
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
diff --git a/.github/workflows/release-docker-github-experimental.yml b/.github/workflows/release-docker-github-experimental.yml
index c2075da141..500226af65 100644
--- a/.github/workflows/release-docker-github-experimental.yml
+++ b/.github/workflows/release-docker-github-experimental.yml
@@ -41,6 +41,8 @@ jobs:
 
       - name: Checkout repository
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          fetch-depth: 0
 
       - name: Generate SemVer version from branch or tag
         id: generate_version
diff --git a/.github/workflows/terraform-plan-and-apply.yml b/.github/workflows/terraform-plan-and-apply.yml
index 2fb1c5aaab..d805a3cbd6 100644
--- a/.github/workflows/terraform-plan-and-apply.yml
+++ b/.github/workflows/terraform-plan-and-apply.yml
@@ -22,7 +22,6 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       id-token: write
-      contents: read
       pull-requests: write
     env:
       GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}