Migrate GitHub repos to private

[MartinBernstorff]

Seems we can install from private repos, as long as you're logged in with the correct user in git and use the SSH protocol: python-poetry/poetry#835

To verify:

• Create a new private test-repo

• Create a fake python package in it

• Create a release

• Install that release on Overtaci

• Setup automatic release creation
  Seems there are good workflows for adding to pypi. Can we mirror the build process, and then add to GitHub instead?

• Test that

• Setup for T2D

• Looks like this might not work with branch protections, since it can't write to main. Which trade-off is best here?
  Protected branch with PR requirement prevents release semantic-release/github#175

• One suggestion is to disable the branch protection rules. Then we should ensure builds are only created if all tests pass.

• Use release-please instead, which maintains a PR? This can be auto-approved and auto-merged I think.
  https://github.com/google-github-actions/release-please-action#release-types-supported

release-please requires a GitHub token to access the GitHub API. You configure this token via the token configuration option. You can use the built-in GITHUB_TOKEN secret, however, note that any resources created by release-please (release tag or release pull request) will not trigger future GitHub actions workflows.

• OH, IT SEEMS TO WORK NOW! Need to run checkout for the PAT to persist! Awesome!!!

• Setup for feature-generation
• Setup for ml-utils
• Setup for psycop-t2d

• For setup:
  • Add RELEASE_BOT access token to actions. Should be a personal access token with "repo" permissions.
  • Update .toml with
    • semantic_release section
    • match version in .toml with latest release on github. If no release on github, either 0.0.0, or create a tagged release.
  • GA files
    • Add main_test_and_release
    • Add test_prs
    • Add automerge
    • Update dependabot
    • Remove unused CI
  • Update the PR template
  • Get the first build done

• Document how to install on Overtaci
• If everything works, as Søren to pay for GitHub teams
• When that goes through, setup private repos with releases on the production repos