From 1993276665e47b4ae0abfd89ee113f83443ab3d7 Mon Sep 17 00:00:00 2001
From: Camila Macedo <camilamacedo86@gmail.com>
Date: Thu, 11 May 2023 09:15:15 +0100
Subject: [PATCH 1/3] replace pull reuest target

---
 .github/workflows/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 22ffd27..4c9abca 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -1,7 +1,7 @@
 name: PR Verifier
 
 on:
-  pull_request_target:
+  pull_request:
     types: [opened, edited, reopened, synchronize]
 
 jobs:

From a60dbd317949a6a993016f4f9bae8c5ca571106e Mon Sep 17 00:00:00 2001
From: Camila Macedo <camilamacedo86@gmail.com>
Date: Thu, 11 May 2023 09:21:40 +0100
Subject: [PATCH 2/3] replace pull reuest target

---
 .github/workflows/main.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 4c9abca..51075c9 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -4,6 +4,9 @@ on:
   pull_request:
     types: [opened, edited, reopened, synchronize]
 
+permissions:
+  checks: write # Allow access to checks to write check runs.
+  
 jobs:
   verify:
     name: Verify PR contents

From 75fbc002f1a48aebad7316bdf2c542f4acedba11 Mon Sep 17 00:00:00 2001
From: Camila Macedo <camilamacedo86@gmail.com>
Date: Thu, 11 May 2023 11:54:19 +0100
Subject: [PATCH 3/3] test

---
 .github/actions/verifier/action.yml | 13 ++++++++++---
 .github/workflows/main.yml          |  3 +++
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/.github/actions/verifier/action.yml b/.github/actions/verifier/action.yml
index a644b73..7d56eb5 100644
--- a/.github/actions/verifier/action.yml
+++ b/.github/actions/verifier/action.yml
@@ -1,9 +1,16 @@
 name: 'Verify KubeBuilder PRs'
 description: 'Verify PRs for the KubeBuilder project repos & similar'
 inputs:
-  github_token:
-    description: "the github_token provided by the actions runner"
-    required: true
+  github-token:
+    action-input:
+      input: github-token
+      is-default: false
+    permissions:
+      checks: write
+      checks-reason: to create and update checks #Checkout: https://github.com/kubernetes-sigs/kubebuilder-release-tools/blob/01981b8498d7b87658301e2a1b12c56b8c61067d/verify/pkg/action/plugin.go#L88
+      pull-requests: read
+      pull-requests-reason: to get PR title
+
 runs:
   using: docker
   image: '../../../Dockerfile'
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 51075c9..1caacbe 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -6,6 +6,9 @@ on:
 
 permissions:
   checks: write # Allow access to checks to write check runs.
+  checks-reason: to create and update checks #Checkout: https://github.com/kubernetes-sigs/kubebuilder-release-tools/blob/01981b8498d7b87658301e2a1b12c56b8c61067d/verify/pkg/action/plugin.go#L88
+  pull-requests: read
+  pull-requests-reason: to get PR title
   
 jobs:
   verify: