CCM-12614: add github package manager authentication

Author: Ian-Hodges

.github/workflows/cicd-1-pull-request.yaml

@@ -15,6 +15,7 @@ on:
 permissions:
   id-token: write
   contents: write
+  packages: read
 
 jobs:
   metadata:

.github/workflows/stage-1-commit.yaml

@@ -152,12 +152,12 @@ jobs:
         uses: ./.github/actions/lint-terraform
   trivy-iac:
     name: "Trivy IaC Scan"
-    permissions:
-      contents: read
     runs-on: ubuntu-latest
     timeout-minutes: 10
     needs: detect-terraform-changes
     if: needs.detect-terraform-changes.outputs.terraform_changed == 'true'
+    env:
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
     steps:
       - name: "Checkout code"
         uses: actions/checkout@v4
@@ -170,10 +170,10 @@ jobs:
   trivy-package:
     if: ${{ !inputs.skip_trivy_package }}
     name: "Trivy Package Scan"
-    permissions:
-      contents: read
     runs-on: ubuntu-latest
     timeout-minutes: 10
+    env:
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
     steps:
       - name: "Checkout code"
         uses: actions/checkout@v4