GitHub external service docs don't mention which scope is required for tokens

Created by: mrnugget

Extracted from https://gist.github.com/unknwon/b7c80d23e6b2a624e50e4073454959e0

There is no mention in the campaign docs what scopes I should give to my personal access token in advance, I followed the GitHub docs https://docs.sourcegraph.com/admin/external_service/github#token, and it even says “If using only public repositories, you can create the token with no scopes”.

The “publish” step failed badly with lots of 403 (when I use a token with no scope), and I still have no idea what scope it wants. We probably want to check token scopes with fail more gracefully.