How to push to protected branches in a GitHub Action

Seems like tying the perms on the action to the perms on the author of a commit could provide the automation power we want here without the security vulnerability. No?

Wow you saved me hours of debugging! ty!

So… there’s still no good way to do this without creating and managing a bot user just for this purpose, right?

It’s pretty absurd that Github still has no way to directly handle what should be a really straightforward, really common use case like this.


For Team and Enterprise plans, the “system-admin” user doesn’t necessarily need admin access:

"12. Optionally, if your repository is owned by an organization using GitHub Team or GitHub Enterprise Cloud, enable branch restrictions.

However, as an Owner (=full Admin) I cannot prevent myself from making stupid mistakes and am still able to push to a protected branch :frowning: