ci(steps): Handle push into protected branch

Author: rizqyfahmi

.github/workflows/ci.yaml

@@ -1,4 +1,5 @@
 name: CI Pipeline
+run-name: ${{ github.actor }} is automatically publishing
 
 on:
   push:
@@ -53,6 +54,24 @@ jobs:
       pull-requests: write
     runs-on: ubuntu-latest
     steps:
+      - name: 'Generate token'
+        id: GENERATE_TOKEN
+        uses: actions/create-github-app-token@v2
+        with:
+          app-id: ${{ secrets.BOT_APP_ID }}
+          private-key: ${{ secrets.BOT_PRIVATE_KEY }}
+
+      - name: Get GitHub App User ID
+        id: get-user-id
+        run: echo "user-id=$(gh api "/users/${{ steps.GENERATE_TOKEN.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT"
+        env:
+          GH_TOKEN: ${{ steps.GENERATE_TOKEN.outputs.token }}
+
+      - name: Set global username and email
+        run: |
+          git config --global user.name '${{ steps.GENERATE_TOKEN.outputs.app-slug }}[bot]'
+          git config --global user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.GENERATE_TOKEN.outputs.app-slug }}[bot]@users.noreply.github.com'
+
       - name: Checkout
         uses: actions/checkout@v4
 
@@ -78,8 +97,12 @@ jobs:
         with:
           inputs: "*.tgz"
 
+      - name: Debug auth
+        run: |
+          curl -s -H "Authorization: token ${{ steps.GENERATE_TOKEN.outputs.token }}" https://api.github.com/user
+
       - name: Run Semantic Release
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ steps.GENERATE_TOKEN.outputs.token }}
           NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
         run: npx semantic-release