This seems a bit crazy coming from GitLab CI, it seems that even if all the workflow jobs across a repo use exactly the same Docker image, I still have to specify:
permissions:
packages: read
contents: read
container:
image: my_image:my_tag
On EVERY single job. Surely there is a better solution to this, but what is it?
