From f48c00197b4e61254045cdd401192dadc3bf68ab Mon Sep 17 00:00:00 2001
From: Jay Jie
Date: Sun, 17 Sep 2023 00:14:12 -0700
Subject: [PATCH 1/3] fix: explicit permission in github workflow
---
 .github/workflows/ build-and-publish.yml | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/.github/workflows/ build-and-publish.yml b/.github/workflows/ build-and-publish.yml
index c689c52..40bd96f 100644
--- a/.github/workflows/ build-and-publish.yml
+++ b/.github/workflows/ build-and-publish.yml
@@ -18,6 +18,9 @@ jobs:
 name: Build Docker image and push to repositories
 # run only when code is compiling and tests are passing
 runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ packages: write

 # steps to perform in job
 steps:
From 7656492bbb075477b724aa231015eb6de0149cc2 Mon Sep 17 00:00:00 2001
From: Jay Jie
Date: Sun, 17 Sep 2023 00:21:48 -0700
Subject: [PATCH 2/3] chore: switch to docker/build-push-action@v4
---
 .github/workflows/ build-and-publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/ build-and-publish.yml b/.github/workflows/ build-and-publish.yml
index 40bd96f..ca60e44 100644
--- a/.github/workflows/ build-and-publish.yml
+++ b/.github/workflows/ build-and-publish.yml
@@ -46,7 +46,7 @@ jobs:
 images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

 - name: Build image and push to GitHub Container Registry
- uses: docker/build-push-action@v2
+ uses: docker/build-push-action@v4
 with:
 # Note: tags has to be all lower-case
 tags: ${{ steps.meta.outputs.tags }}
From 0887bacc37d4e5f36eef3dda24f8bc0ea5f1ea36 Mon Sep 17 00:00:00 2001
From: Jay Jie
Date: Sun, 17 Sep 2023 01:36:51 -0700
Subject: [PATCH 3/3] chore: fix github workflow
---
 .github/workflows/ build-and-publish.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/ build-and-publish.yml b/.github/workflows/ build-and-publish.yml
index ca60e44..fe97cab 100644
--- a/.github/workflows/ build-and-publish.yml
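Review bot: The new `permissions:` block in patch 1/3 is set on the job, so it narrows the token only for this job; any other job in the workflow (none is visible in this hunk) would still receive the repository default. Consider a workflow-level `permissions: {}` default and keep `packages: write` here with a comment such as `# packages: write is required to push the image to GHCR`. At this commit the login step still authenticates with a PAT (it is switched in patch 3/3), so the block only governs the push once that change lands. The job body continues outside the hunk.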
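Review bot: `docker/build-push-action@v4` in patch 2/3 is a mutable tag on a third-party action that runs in a job holding `packages: write`, so whatever the tag points to at run time decides what gets built and pushed. Pin the reference to the full commit SHA of the release and keep the version as a trailing comment, e.g. `uses: docker/build-push-action@<FULL_COMMIT_SHA> # v4`. The same applies to `actions/checkout@v3` in patch 3/3. The step's `with:` block continues outside the hunk.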
+++ b/.github/workflows/ build-and-publish.yml
@@ -25,7 +25,7 @@ jobs:
 # steps to perform in job
 steps:
 - name: Checkout code
- uses: actions/checkout@v2
+ uses: actions/checkout@v3

 # setup Docker buld action
 - name: Set up Docker Buildx
@@ -37,7 +37,7 @@ jobs:
 with:
 registry: ${{ env.REGISTRY }}
 username: ${{ github.actor }}
- password: ${{ secrets.GHCR_PAT }}
+ password: ${{ github.token }}

 - name: Extract metadata (tags, labels) for Docker
 id: meta
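Review bot: With `password: ${{ github.token }}` in the second hunk, the push now depends on the job-level `packages: write` added in patch 1/3, and nothing next to the login step says so; a comment above the line, e.g. `# github.token: relies on permissions.packages: write on this job`, would keep someone from trimming the permissions later and silently breaking the publish. `secrets.GHCR_PAT` is no longer referenced in this hunk, so if nothing else uses it the PAT should be revoked and the repository secret deleted rather than left valid. The workflow triggers are not visible here; if the job can run for pull requests from forks, the token is read-only there and the push step would need to be gated. The login step starts outside the hunk.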