Update CI with explicit permissions for publishing images

[gmulhearn]

Hi, after encountering a recent issue in VCX's CI with image publishing permissions, i checked acapy as well..

I believe something changed in the hyperledger organisation settings last week where the GITHUB_TOKEN default permissions dropped to read-only. As a result, our image-publishing jobs started getting denied..

e.g. it looks like nightly publishes of acapy have failed or skipped for the past week or so: https://github.com/hyperledger/aries-cloudagent-python/actions/workflows/nigthly.yml

last successful run: https://github.com/hyperledger/aries-cloudagent-python/actions/runs/10275685048

runs now: https://github.com/hyperledger/aries-cloudagent-python/actions/runs/10396422027/job/28790543901

(compare the github_token permissions)

For VCX, the fix appeared to be adding explicit permissions to the affected jobs:

    permissions:
      contents: read
      packages: write

Related fix in VCX: hyperledger/aries-vcx#1283

[swcurran]

Thanks — this was top of the agenda today. @jamshale could you take a look?

I had a similar (but perhaps unrelated) experience with another repo that required adding this.

[jamshale]

That sounds like the same issue. I had thought the token might have expired, but this would make sense.