From b841d2a87f7380dfb7b67e7e4dfff1c92fd18c43 Mon Sep 17 00:00:00 2001
From: Roberto Tyley <roberto.tyley@gmail.com>
Date: Sat, 24 Feb 2024 12:03:50 +0000
Subject: [PATCH] Pass creds for gu-scala-library-release GitHub App

This change passes on the new `AUTOMATED_MAVEN_RELEASE_GITHUB_APP_PRIVATE_KEY`
Organisation Secret required for https://github.com/guardian/gha-scala-library-release-workflow/pull/26 -
a GitHub App **private** key for https://github.com/apps/gu-scala-library-release .

This allows `gha-scala-library-release-workflow` to work with repos that
use branch-protection rulesets that prevent most users from pushing to
the default (`main`) branch - the workflow can authenticate as our
GitHub App, and our GitHub App can be granted permission to bypass the
ruleset, so that it can push to `main` to make a release, while
developers can not!
---
 .github/workflows/release.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 950d9a4..4ee469d 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -10,3 +10,4 @@ jobs:
     secrets:
       SONATYPE_PASSWORD: ${{ secrets.AUTOMATED_MAVEN_RELEASE_SONATYPE_PASSWORD }}
       PGP_PRIVATE_KEY: ${{ secrets.AUTOMATED_MAVEN_RELEASE_PGP_SECRET }}
+      GITHUB_APP_PRIVATE_KEY: ${{ secrets.AUTOMATED_MAVEN_RELEASE_GITHUB_APP_PRIVATE_KEY }}