Release drafter workflow has broken permissions

[daniel-beck]

Jenkins and plugins versions report

n/a

What Operating System are you using (both controller, and any agents involved in the problem)?

n/a

Reproduction steps

Tell Dependabot to merge a PR, like jenkinsci/declarative-pipeline-migration-assistant-plugin#135 (review)

Expected Results

Release Drafter run works.

Actual Results

Release Drafter does not have the permissions to do its thing. It annotates the workflow run with: Resource not accessible by integration like e.g. in https://github.com/jenkinsci/declarative-pipeline-migration-assistant-plugin/actions/runs/2183707949

Anything else?

See docs at https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#changing-github_token-permissions how to fix this.

I did that for jenkins-security-scan in 5f0c5f1

While the linked repos don't inherit from .github, I checked the workflow in this repo and expect it behaves the same.

[rantoniuk]

RD works fine without additional permissions in jira-plugin runs.

[timja]

RD works fine without additional permissions in jira-plugin runs.

aye it was only a problem for new repositories or maybe ones that set more restrictive settings, we might have changed the org settings to fix it I'm not sure.