ci(steps): Handle push into protected branch

Author: rizqyfahmi

.github/workflows/ci.yaml

@@ -53,6 +53,34 @@ jobs:
       pull-requests: write
     runs-on: ubuntu-latest
     steps:
+      - name: 'Generate token'
+        id: GENERATE_TOKEN
+        uses: actions/create-github-app-token@v2
+        with:
+          app-id: ${{ secrets.BOT_APP_ID }}
+          private-key: ${{ secrets.BOT_PRIVATE_KEY }}
+          permission-issues: write
+          permission-id-token: write
+          permission-contents: write
+          permission-pull-requests: write
+
+      - name: Get GitHub App User ID
+        id: get-user-id
+        run: |
+          echo "user-id=$(gh api "/users/${{ steps.GENERATE_TOKEN.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT"
+          echo ${{ steps.GENERATE_TOKEN.outputs.token }}
+        env:
+          GH_TOKEN: ${{ steps.GENERATE_TOKEN.outputs.token }}
+
+      - name: Set global username and email
+        run: |
+          git config --global user.name '${{ steps.GENERATE_TOKEN.outputs.app-slug }}[bot]'
+          git config --global user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.GENERATE_TOKEN.outputs.app-slug }}[bot]@users.noreply.github.com'
+
+      - name: Debug auth
+        run: |
+          curl -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ steps.GENERATE_TOKEN.outputs.token }}" -H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/user
+
       - name: Checkout
         uses: actions/checkout@v4
 
@@ -80,6 +108,6 @@ jobs:
 
       - name: Run Semantic Release
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ steps.GENERATE_TOKEN.outputs.token }}
           NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
         run: npx semantic-release