Permissions like that are done on the project level, not issue type.
There is a request open to do permissions at issue level, but I don't think it's on the roadmap at the moment.
So, while there appears to be no way to do this on the surface, you can actually do it. Obviously, there are add-ons which can help (Behaviours in the ScriptRunner add-on, Quisapps field security, etc), but natively, you could:
Set the permission scheme to allow the customers to attach and comment on all issues in the project.
Give tasks one workflow, and the other issue types a different one (or set)
On the NON task workflows, add status properties that change the permissions to dissallow the customers group (or role or whatever).
If, for example, you have your internal users in the group "developers" and your customers are not in it, then you could say jira.permission.comment.group=developers
Badges are a great way to show off community activity, whether you’re a newbie or a Champion.Learn more
A picture tells a thousand words. And agility boards have just released their latest feature: cover images on issues – so now your board can tell a story at first glance. Upload attachmen...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs