From 0b0c19b271c898f089e5ee21d17ab16113a343a0 Mon Sep 17 00:00:00 2001
From: Akash Levy <akash@silimate.com>
Date: Sat, 28 Feb 2026 12:09:28 -0800
Subject: [PATCH] fix: use SSH_PRIVATE_KEY secret for private submodule access

Use the same SSH key approach as source-vendor.yml for cloning
private submodules (abc, verific).

Made-with: Cursor
---
 .github/workflows/release.yml | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 23b32ab0a..c114efc01 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -18,13 +18,8 @@ jobs:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-          submodules: false
-          token: ${{ secrets.SUBMODULE_PAT }}
-
-      - name: Initialize submodules
-        run: |
-          git -c url."https://x-access-token:${{ secrets.SUBMODULE_PAT }}@github.com/".insteadOf="git@github.com:" \
-            submodule update --init --recursive
+          submodules: recursive
+          ssh-key: ${{ secrets.SSH_PRIVATE_KEY }}
 
       - name: Build wheel in Alpine container
         run: |