Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add repository-projects:read to release job token
After submariner-io#470, the release GitHub Action workflow is failing to add labels to PRs. ``` gh pr edit --add-label e2e-all-k8s \ submariner-io/submariner#2032 GraphQL: Your token has not been granted the required scopes to execute this query. The 'login' field requires one of the following scopes: ['read:org'], but your token has only been granted the: ['admin:repo_hook', 'delete:packages', 'notifications', 'repo', 'workflow', 'write:discussion', 'write:packages'] scopes. Please modify your token's scopes at: https://github.com/settings/tokens. INFO: Didn't label 'e2e-all-k8s', continuing without it. ``` The only explination I can find of that permisson is: > read:org Read org and team membership, read org projects I can also see that permission is a subset of admin:org. It seems to be different than `read:project Read access of projects` somehow. It's not clear which GITHUB_TOKEN permisison we can set relates to those token permissions. docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs It doesn't seem possible set all permissions to read and only some to write, as setting any specific permission overrides read-all. For now, trying the only permission that seems even vaguely related. Signed-off-by: Daniel Farrell <[email protected]>
- Loading branch information