Use acceptable name for GitHub token secret

[patik]

Change name for GitHub token

GitHub doesn't allow you to add a repository secret named GITHUB_*. This PR changes the name to GH_TOKEN and also adds instructions to the readme.

Pull-Request Checklist

• Code is up-to-date with the main branch
• npm run lint passes with this change
• npm run test passes with this change
• (n/a) This pull request links relevant issues as Fixes #0000
• (n/a) There are new or updated unit tests validating the change
• Documentation has been updated to reflect this change
• The new commits follow conventions outlined in the conventional commit spec

[ryansonshine]

Hi @patik,

Thanks for the contribution, I really appreciate it!

Per the GitHub action docs:

At the start of each workflow run, GitHub automatically creates a unique GITHUB_TOKEN secret to use in your workflow. You can use the GITHUB_TOKEN to authenticate in a workflow run.

The GITHUB_TOKEN environment variable is set automatically. Perhaps we could add a section in the README making a brief mention on how this doesn't need to be set manually, thoughts?

[codecov]

Codecov Report

Merging #10 (2cdea2b) into main (b972608) will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff            @@
##              main       #10   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            1         1           
  Lines            1         1           
  Branches         1         1           
=========================================
  Hits             1         1           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b972608...2cdea2b. Read the comment docs.

[ryansonshine]

#10 (comment)

[sneko]

@patik @ryansonshine I think it would be easier to directly point to this part: https://github.com/semantic-release/github#github-authentication

It explains in details which strategy to use depending on the need.

(to be honest, I struggled some time with those... thinking I had to create it manually, but was setting GH_TOKEN and didn't know by default GITHUB_TOKEN was populated... If you don't have the idea to check specifically https://github.com/semantic-release/github there is no way to know about right permissions to set).

At the end maybe the easiest way is to adjust the template to have in release.yaml:

name: Release
on:
  push:
    branches:
      - main
jobs:
  release:
    name: Release
    runs-on: ubuntu-latest
    permissions:
      contents: write
      issues: write
      pull-requests: write
    steps:
...

It will grant needed permissions automatically.

[ryansonshine]

Thanks @sneko ! I agree I think an update to release.yml would be ideal.

Let me know if you'd like to open a PR, otherwise I should be able to get around to this sometime in the new few days.

[ryansonshine]

Closing this PR after implementing the changes proposed in #10 (comment) with f05e389