[PM-27181] - Grant additional permissions for review code

[theMickster]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-27181
https://bitwarden.atlassian.net/browse/BRE-1331

📔 Objective

Grant additional permissions for the reusable review workflow to ensure that we can also execute the reusable workflow in private repos.

Order matters when updating because:

1. If you add a required permission to the reusable workflow definition without callers having it, those workflows will fail
2. Callers can grant more permissions than the reusable workflow requires without breaking
3. Reusable workflows cannot grant themselves permissions - they can only use what the caller provides

Further information on proper permissions found below

1. Reuse Workflow - GitHub
2. Workflow syntax for GitHub Actions

📸 Screenshots

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – 501d9805-216a-4c03-a14c-1978f3a1e8cb

Great job! No new security vulnerabilities introduced in this pull request