Merge pull request #58 from DataDog/anmarchenko/reduce_github_actions…

…_permissions

reduce permissions for milestone github actions

.github/workflows/add-milestone-to-pull-requests.yml

@@ -7,17 +7,20 @@ on:
 
 jobs:
   add_milestone_to_merged:
+    permissions:
+      issues: write
+      pull-requests: write
     if: github.event.pull_request.merged && github.event.pull_request.milestone == null
     name: Add milestone to merged pull requests
     runs-on: ubuntu-latest
     steps:
       - name: Get project milestones
         id: milestones
-        uses: actions/github-script@0.9.0
+        uses: actions/github-script@v6
         with:
           github-token: ${{secrets.GITHUB_TOKEN}}
           script: |
-            const list = await github.issues.listMilestonesForRepo({
+            const list = await github.rest.issues.listMilestones({
               owner: context.repo.owner,
               repo: context.repo.repo,
               state: 'open'
@@ -29,12 +32,12 @@ jobs:
             return milestones.length == 0 ? null : milestones[0].number
       - name: Update Pull Request
         if: steps.milestones.outputs.result != null
-        uses: actions/github-script@0.9.0
+        uses: actions/github-script@v6
         with:
           github-token: ${{secrets.GITHUB_TOKEN}}
           script: |
             // Confusingly, the issues api is used because pull requests are issues
-            await github.issues.update({
+            await github.rest.issues.update({
               owner: context.repo.owner,
               repo: context.repo.repo,
               issue_number: ${{ github.event.pull_request.number }},

.github/workflows/create-next-milestone.yml

@@ -5,6 +5,8 @@ on:
 
 jobs:
   create_next_milestone:
+    permissions:
+      issues: write
     runs-on: ubuntu-latest
     steps:
       - name: Get next minor version