From ff7b385894674bf8a44a78ea7346a01fbbada903 Mon Sep 17 00:00:00 2001
From: Gregor Lichtner <gregor.lichtner@med.uni-greifswald.de>
Date: Wed, 29 May 2024 19:52:50 +0200
Subject: [PATCH] ci: add token to push step

---
 .github/workflows/semantic-release.yml | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml
index 5a04222e3..51f48e2f8 100644
--- a/.github/workflows/semantic-release.yml
+++ b/.github/workflows/semantic-release.yml
@@ -88,6 +88,7 @@ jobs:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
+          persist-credentials: false  # Do not store credentials as they will be configured manually
 
       - name: Setup Node.js
         uses: actions/setup-node@v4
@@ -102,11 +103,17 @@ jobs:
       - name: Update sushi-config.yaml with new version
         run: |
           yq eval '.version = "${{ needs.check-release.outputs.new_release_version }}"' -i sushi-config.yaml
-
-      - name: Commit and push updated sushi-config.yaml
+  
+      - name: Configure git and push changes
+        env:
+          REPO_ACCESS_TOKEN: ${{ secrets.REPO_ACCESS_TOKEN }}
         run: |
           git config user.name 'github-actions'
           git config user.email 'github-actions@github.com'
+          
+          # Inject the token directly into the remote URL securely
+          git remote set-url origin https://x-access-token:${REPO_ACCESS_TOKEN}@www.github.com/${{ github.repository }}.git
+
           git add sushi-config.yaml
           git commit -m "Update sushi-config.yaml for release ${{ needs.check-release.outputs.new_release_version }}"
           git push