.github/workflows: build gmsl kuiper image#239

Open
iristeiu06 wants to merge 1 commit into main from build_gmsl
@iristeiu06 (Collaborator)

Pull Request Description

GitHub workflow_dispatch API requires the workflow file to exist on the default branch. This file is a placeholder to satisfy the requirement and the actual workflow logic is on the gmsl-rpi-6.13.y branch.

PR Type

  • Bug fix (change that fixes an issue)
  • New feature (change that adds new functionality)
  • Breaking change (has dependencies in other repos or will cause CI to fail)

PR Checklist

  • I have performed a self-review of the changes
  • I have commented my code, at least hard-to-understand parts
  • I have built Kuiper Linux image with the changes
  • I have tested new image in hardware, on relevant boards
  • I have signed off all commits from this PR
  • I have updated the documentation (wiki pages, ReadMe etc)

GitHub workflow_dispatch API requires the workflow file
to exist on the default branch. This file is a placeholder
to satisfy the requirement and the actual workflow logic is
on the gmsl-rpi-6.13.y branch.

Signed-off-by: Ioana Risteiu <Ioana.Risteiu@analog.com>
Comment on lines +12 to +14
runs-on: ubuntu-latest
steps:
- run: echo "Start Kuiper Image Build." No newline at end of file

Check warning

Code scanning / CodeQL

Workflow does not contain permissions (Medium)

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Copilot Autofix

AI 19 days ago

In general, the fix is to explicitly define a permissions: block for the workflow or for the build job so that the automatically-provided GITHUB_TOKEN has only the minimal required scope. For this particular workflow, the job only prints a message and does not interact with the repository or GitHub APIs, so it can safely run with fully disabled permissions (permissions: {}) or with a minimal read-only scope like contents: read. Using permissions: {} is the strictest option and clearly documents that the token is not intended to be used.

The single best way to fix this without changing existing functionality is to add a top-level permissions: block (so it applies to all current and future jobs in this workflow) between the on: block and the jobs: block. We will set it to an empty mapping, which disables all default scopes for the GITHUB_TOKEN in this workflow:

permissions: {}

Concretely, in .github/workflows/gmsl-image-build.yml, insert this permissions: line after the on: configuration (after line 8/9 in the provided snippet) and before jobs:. No imports or additional definitions are needed; this is purely YAML configuration for the GitHub Actions workflow.

Suggested changeset 1
.github/workflows/gmsl-image-build.yml

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/gmsl-image-build.yml b/.github/workflows/gmsl-image-build.yml
--- a/.github/workflows/gmsl-image-build.yml
+++ b/.github/workflows/gmsl-image-build.yml
@@ -7,6 +7,7 @@
         required: true
         type: string
 
+permissions: {}
 jobs:
   build:
     runs-on: ubuntu-latest
EOF
@@ -7,6 +7,7 @@
required: true
type: string

permissions: {}
jobs:
build:
runs-on: ubuntu-latest
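Review bot: the `permissions: {}` line added before `jobs:` only restricts the token for this placeholder file; the PR description says the actual workflow logic is on the gmsl-rpi-6.13.y branch, so the copy of the workflow there needs its own explicit permissions block, scoped to what the real build uses. Also leave a blank line between `permissions: {}` and `jobs:`, matching the blank line that separates the inputs above from it.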
Copilot is powered by AI and may make mistakes. Always verify output.
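An added example, not part of the pull request or of CodeQL: a small check that reports which jobs in a workflow file leave the GITHUB_TOKEN at its default scope, the condition the warning above flags. It uses a simplified indentation scan rather than a YAML parser, and the sample workflow and its input name are constructed.

```python
import re

PERM = re.compile(r"permissions\s*:")

def jobs_without_permissions(workflow_text):
    """Return ids of jobs whose GITHUB_TOKEN scope is set neither at
    workflow level nor at job level (indentation scan, not a YAML parser)."""
    rows = []
    for raw in workflow_text.splitlines():
        if raw.strip() and not raw.lstrip().startswith("#"):
            rows.append((len(raw) - len(raw.lstrip()), raw.strip()))
    # A top-level permissions key covers every job in the file.
    if any(indent == 0 and PERM.match(text) for indent, text in rows):
        return []
    limited = {}                       # job id -> has its own permissions key
    in_jobs, job, job_indent, key_indent = False, None, None, None
    for indent, text in rows:
        if indent == 0:                # new top-level key
            in_jobs, job = text.startswith("jobs:"), None
        elif in_jobs and (job_indent is None or indent == job_indent):
            job_indent, key_indent = indent, None
            job = text.rstrip(":")
            limited[job] = False
        elif in_jobs and job:
            if key_indent is None:
                key_indent = indent    # indentation of the job's direct keys
            if indent == key_indent and PERM.match(text):
                limited[job] = True
    return [name for name, ok in limited.items() if not ok]

# Constructed sample modelled on the placeholder workflow; the input name is hypothetical.
BEFORE = """\
on:
  workflow_dispatch:
    inputs:
      example_input:
        required: true
        type: string

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - run: echo "Start Kuiper Image Build."
"""
AFTER = BEFORE.replace("jobs:", "permissions: {}\njobs:", 1)
JOB_LEVEL = BEFORE.replace("    runs-on:", "    permissions:\n      contents: read\n    runs-on:", 1)
```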