[meta] Ensure Actions can upload Rolling Releases

[confused-Techie]

This PR increases the permissions of the actions to ensure it can write the new release for rolling releases

[DeeDeeG]

Going a little fast around here at the moment to get things done in time, but I think this is good. 👍

[confused-Techie]

Thanks @DeeDeeG

[DeeDeeG]

For posterity/documentation purposes: This token needed the contents: write permission for the Rolling repo we are publishing releases to. Per this documentation...

If you search in the page here for "release": https://docs.github.com/en/rest/overview/permissions-required-for-fine-grained-personal-access-tokens?apiVersion=2022-11-28#repository-permissions-for-contents

You can see managing releases is all handled under the contents permission, and making a new release or uploading binaries requires contents:write permission.

(Which, write is a superset of/also implies read, near as I can tell. You definitely can't make a token that has write without also granting read.)

And to clarify, if anyone needs to re-up the token and I'm not available, it just has to be a PAT token for an individual with write access to the rolling repo. Making it be one of the newer-style, fine-grained tokens is HIGHLY RECOMMENDED, scoped to just the rolling releases repo and with only contents:write (and metadata:read, which is apparently mandatory). And I would specifically discourage using one of the old classic tokens for this purpose.