git push
from your GitHub actions if the repository has branch protection turned on or required checks before merging. Sorta makes sense, but still a PITA.GH_TOKEN
(since depending on the command you use, you might need a different one than GITHUB_TOKEN
), I decided to (ab)use the same:GH_TOKEN
envvar to a same-name secret, if presentGITHUB_TOKEN
GH_TOKEN
, which now may be a higher-permissions PAT than the defaultmain
and in that case I don't want to always force the presence of a GH_TOKEN
secret.