chore(ci): GitHub Workflows security hardening

[sashashura]

Signed-off-by: sashashura 93376818+sashashura@users.noreply.github.com

Pre-flight checklist

• I have read the Contributing Guidelines on pull requests.
• If this is a code change: I have written unit tests and/or added dogfooding pages to fully verify the new behavior.
• If this is a new API or substantial change: the PR has an accompanying issue (closes #0000) and the maintainers have approved on my working plan.

Motivation

This PR adds explicit permissions section to workflows. This is a security best practice because by default workflows run with extended set of permissions (except from on: pull_request from external forks). By specifying any permission explicitly all others are set to none. By using the principle of least privilege the damage a compromised workflow can do (because of an injection or compromised third party tool or action) is restricted.
It is recommended to have most strict permissions on the top level and grant write permissions on job level case by case.

Test Plan

Test links

Deploy preview: https://deploy-preview-_____--docusaurus-2.netlify.app/

Related issues/PRs

[netlify]

✅ [V2]

Built without sensitive environment variables

Name	Link
🔨 Latest commit	c28c405
🔍 Latest deploy log	https://app.netlify.com/sites/docusaurus-2/deploys/630f3a9c51972900091b05a4
😎 Deploy Preview	https://deploy-preview-8030--docusaurus-2.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site settings.

[github-actions]

⚡️ Lighthouse report for the deploy preview of this PR

URL	Performance	Accessibility	Best Practices	SEO	PWA	Report
/	🟠 80	🟢 98	🟢 100	🟢 100	🟠 80	Report
/docs/installation	🟠 81	🟢 100	🟢 100	🟢 100	🟢 90	Report

[slorber]

LGTM thanks 👍