Add permission to upload to dependency graph

.github/workflows/build-and-test.yaml

@@ -216,7 +216,7 @@ jobs:
     needs: deploy
     permissions:
       security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
-      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+      contents: write # for sbom-action artifact uploads
     runs-on: ubuntu-latest
     steps:
       -