From 72703d02f7df0cdb8f27aeb9feafeccd67b49881 Mon Sep 17 00:00:00 2001
From: Santiago Bernhardt <santiago.bernhardt@gmail.com>
Date: Mon, 22 May 2023 10:23:31 +1200
Subject: [PATCH] Suddenly existing repos fail with missing permissions for
 token (#271)

---
 .github/workflows/main.yml | 2 ++
 entrypoint.sh              | 1 +
 2 files changed, 3 insertions(+)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 10283636..534411ca 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -15,6 +15,8 @@ jobs:
   bump-version:
     if: github.event_name == 'pull_request' && github.event.action == 'closed' && github.event.pull_request.merged == true
     runs-on: ubuntu-22.04
+    permissions:
+      contents: write
     steps:
       - uses: actions/checkout@v3
         with:
diff --git a/entrypoint.sh b/entrypoint.sh
index 16282ee6..cbf72d20 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -242,6 +242,7 @@ fi
 git tag "$new"
 
 # push new tag ref to github
+# this needs permissions in the workflow as contents: write
 dt=$(date '+%Y-%m-%dT%H:%M:%SZ')
 full_name=$GITHUB_REPOSITORY
 git_refs_url=$(jq .repository.git_refs_url "$GITHUB_EVENT_PATH" | tr -d '"' | sed 's/{\/sha}//g')