Explicitly declare the BRUTUS_PAT_TOKEN secret.

[freakboy3742]

Explicitly declares the BRUTUS_PAT_TOKEN secret, so that the workflow can be used outside the beeware organization.

Secrets aren't shared with reusable workflows if the workflow is defined in a different organisation. To allow secrets to be used, the secret must be explicitly declared as part of the workflow_call definition.

This was discovered as part of adding pre-commit-update to the dmgbuild repo

From what I can tell, this should have no impact for workflows in the same organization - for those workflows secrets: inherit implicitly passes through all repo, environment and organization secrets.

PR Checklist:

• All new features have been tested
• All new features have been documented
• I have read the CONTRIBUTING.md file
• I will abide by the code of conduct

[rmartin16]

From what I can tell, this should have no impact for workflows in the same organization - for those workflows secrets: inherit implicitly passes through all repo, environment and organization secrets.

This makes sense to me...but I can't find anything that confirms secrets: inherit works with explicitly required secrets. I guess I would certainly hope so.

I suppose once this is merged, we can kick off pre-commit-update for a repo and see what it does.

[rmartin16]

Runs well enough for Briefcase 👍🏼

https://github.com/beeware/briefcase/actions/runs/7778799680