From 4155f7404bd1fb2b6de1f787795b8e172bc6c8c5 Mon Sep 17 00:00:00 2001
From: mkorwel <matt.korwel@gmail.com>
Date: Tue, 21 Oct 2025 20:23:56 -0700
Subject: [PATCH] fix(ci): simplify orchestrator permissions to read-all

---
 .github/workflows/orchestrator.yml | 17 +----------------
 1 file changed, 1 insertion(+), 16 deletions(-)

diff --git a/.github/workflows/orchestrator.yml b/.github/workflows/orchestrator.yml
index 40a026f5ca..afe527c620 100644
--- a/.github/workflows/orchestrator.yml
+++ b/.github/workflows/orchestrator.yml
@@ -8,22 +8,7 @@ on:
       - 'release/**'
   merge_group:
 
-permissions:
-  contents: 'read'
-  packages: 'write'
-  pull-requests: 'write'
-  security-events: 'write'
-  checks: 'write'
-  statuses: 'write'
-  actions: 'read'
-  attestations: 'read'
-  deployments: 'read'
-  discussions: 'read'
-  issues: 'read'
-  models: 'read'
-  pages: 'read'
-  repository-projects: 'read'
-  id-token: 'read'
+permissions: 'read-all'
 
 concurrency:
   group: '${{ github.workflow }}-${{ github.head_ref || github.ref }}'