Update documentation to define permissions required by action

Question

Update documentation to define permissions required by action

iacabezasbaculima opened this issue a year ago · 0 comments

The following permissions must be added to a GitHub Actions workflow:

permissions:
  pull-requests: write
  issues: write

This will provide the default GITHUB_TOKEN permissions to work with issues and pull requests.

Currently, the GitHub REST API endpoint used to add a label is shared by issues and pull requests.

Therefore, the documentation on how to use the action should be updated as follows:

name: 🏷 PR size labeler

on: [pull_request]

permissions:
  pull-requests: write
  issues: write

jobs:
  pr-labeler:
    runs-on: ubuntu-latest
    name: Label the PR size
    steps:
      - uses: BedrockStreaming/pr-size-labeler@v1
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          exclude_files: .lock

References:
https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token