fix: add permissions to attempt-fix-io workflow job

The attempt-fix-io job calls fuzzer-fix-automation.yml which requires
write permissions for contents, issues, pull-requests, and id-token.
When using workflow_call, the called workflow inherits permissions from
the caller, so we need to explicitly grant these permissions.

This fixes the error:
"The nested job 'attempt-fix' is requesting 'contents: write, issues: write,
pull-requests: write, id-token: write', but is only allowed 'contents: read,
issues: none, pull-requests: none, id-token: none'."

Signed-off-by: Joe Isaacs <[email protected]>

Author: joseph-isaacs

.github/workflows/fuzz.yml

@@ -129,6 +129,11 @@ jobs:
     name: "Attempt Fix for IO Fuzz Crash"
     needs: report-io-fuzz-failures
     if: needs.report-io-fuzz-failures.outputs.issue_number != ''
+    permissions:
+      contents: write
+      issues: write
+      pull-requests: write
+      id-token: write
     uses: ./.github/workflows/fuzzer-fix-automation.yml
     with:
       issue_number: ${{ needs.report-io-fuzz-failures.outputs.issue_number }}