ci(security): reduce workflow permissions (#207)

By default, set all the workflow permissions to read-all, then 
provide permissions one by one to each job requiring more
permissions.

Closes #206

Signed-off-by: Jonathan Gonzalez V <jonathan.gonzalez@enterprisedb.com>
Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>

.github/workflows/bake.yaml

@@ -17,6 +17,8 @@ on:
         default: ""
         description: "A comma separated list of targets to build. If empty, all targets will be built."
 
+permissions: read-all
+
 jobs:
   # Start by building images for testing. We want to run security checks before pushing those to production.
   testbuild: