Add hint to needed permissions to write labels

[stevenengland]

Hi, this is more a question/suggestion than an issue :)

In my newest repo the default permission for the GITHUB_TOKEN is restrictive (don't know if the default for that changed in the nearer past). That given it was not sufficient to use this token like in your README:

jobs:
  labeler:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v3
      -
        name: Run Labeler
        if: success()
        uses: crazy-max/ghaction-github-labeler@v4
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }} # <--- This one

Instead I needed to add dedicated permissions to the job like so:

jobs:
  labeler:
    runs-on: ubuntu-latest
    permissions:
      issues: write # <--- permission granted explicitely
    steps:
     - name: Checkout
        uses: actions/checkout@v3
     
     - name: Run Labeler
        if: success()
        uses: crazy-max/ghaction-github-labeler@v4
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}

Can you confirm that? And might it be senseful to add a block into the readme section for that case?

KR

[KyleKing]

Worked for me as well. This is the relevant documentation: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

This is my working action: https://github.com/KyleKing/calcipy_template/blob/3392412f1c14d8bf809e32a9f46551c9556078a5/.ctt/default/.github/workflows/labeler.yml

[ThomasKasene]

I had what I believe is the same issue, although when I set permissions.issues: write, it was unable to check out the repository, så I needed this to make it work:

permissions:
  contents: read
  issues: write