I'm new to Github so apologies if this is a bad question. Am I supposed to upload the private key as a secret for the checkout@v3 action? Tried it with the public key but it failed with "Permission Denied (publickey)". The obvious solution would be to upload the private one but I'm asking this just to be safe.

Yes just like when committing locally on your private pc with ssh you need the private key to checkout & commit (this would be your secret in the action) and the public key has to be registered as deploy key in the repo.

But you don't even need the ssh key!
You can remove these two lines from your config:

        with:
          ssh-key: ${{ secrets.SSH_KEY }}

actions/checkout and stefanzweifel/git-auto-commit-action will automatically use ${{ github.token }} secret to checkout & push to the repo.

I didn't knew that when I created the action (I was also quite new to gh actions back then) so some old docs might still tell you to use an ssh key. The latest example is on the README.md.

I'll close the issue but if you have more questions feel free to reopen it and ask!