[BUG] Permissions Key only grants 'read'


I’ve followed the instructions at Workflow syntax for GitHub Actions - GitHub Docs to give write permissions to the Github Token in one of my workflows, however if I use write-all at the top of the workflow, or use a granular permission on the job, i.e. pull-requests: write ​ the READ permission is applied, and the workflow fails.

I’ve gone into the repo and Org settings to make sure that the settings there regarding the Action permissions are correct, and the issue still occurs.

Is this a bug or is there something that I’m missing?

You’re talking about a pull_request event, so this part of the documentation (the same link you shared) may be relevant, emphasis added:

You can use the permissions key to add and remove read permissions for forked repositories, but typically you can’t grant write access. The exception to this behavior is where an admin user has selected the Send write tokens to workflows from pull requests option in the GitHub Actions settings.