ci: revert to auto GITEA_TOKEN for registry auth

Gitea 1.26 (PR #36173) honors permissions.packages: write on the
auto-provided GITEA_TOKEN, so the PAT workaround is no longer needed.
You can delete the REGISTRY_TOKEN org secret.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

.gitea/workflows/ci.yml

@@ -59,8 +59,8 @@ jobs:
         uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
         with:
           registry: git.farh.net
-          username: gitea-admin
-          password: ${{ secrets.REGISTRY_TOKEN }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITEA_TOKEN }}
 
       - name: Build and push worker image
         uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
@@ -91,8 +91,8 @@ jobs:
         uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
         with:
           registry: git.farh.net
-          username: gitea-admin
-          password: ${{ secrets.REGISTRY_TOKEN }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITEA_TOKEN }}
 
       - name: Build and push API image
         uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0

.gitea/workflows/helm-release.yml

@@ -31,8 +31,8 @@ jobs:
 
       - name: Log in to Gitea OCI registry
         run: |
-          echo "${{ secrets.REGISTRY_TOKEN }}" | helm registry login git.farh.net \
-            --username gitea-admin \
+          echo "${{ secrets.GITEA_TOKEN }}" | helm registry login git.farh.net \
+            --username "${{ github.actor }}" \
             --password-stdin
 
       - name: Push chart to Gitea OCI registry

.gitea/workflows/release-beta.yml

@@ -62,8 +62,8 @@ jobs:
         uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
         with:
           registry: git.farh.net
-          username: gitea-admin
-          password: ${{ secrets.REGISTRY_TOKEN }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITEA_TOKEN }}
 
       - name: Build and push worker image
         uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
@@ -93,8 +93,8 @@ jobs:
         uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
         with:
           registry: git.farh.net
-          username: gitea-admin
-          password: ${{ secrets.REGISTRY_TOKEN }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITEA_TOKEN }}
 
       - name: Build and push API image
         uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
@@ -125,8 +125,8 @@ jobs:
         uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
         with:
           registry: git.farh.net
-          username: gitea-admin
-          password: ${{ secrets.REGISTRY_TOKEN }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITEA_TOKEN }}
 
       - name: Inspect worker image
         id: inspect-worker

.gitea/workflows/release.yml

@@ -77,8 +77,8 @@ jobs:
         uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
         with:
           registry: git.farh.net
-          username: gitea-admin
-          password: ${{ secrets.REGISTRY_TOKEN }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITEA_TOKEN }}
 
       - name: Build and push worker image
         uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
@@ -111,8 +111,8 @@ jobs:
         uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
         with:
           registry: git.farh.net
-          username: gitea-admin
-          password: ${{ secrets.REGISTRY_TOKEN }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITEA_TOKEN }}
 
       - name: Build and push API image
         uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
@@ -145,8 +145,8 @@ jobs:
         uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
         with:
           registry: git.farh.net
-          username: gitea-admin
-          password: ${{ secrets.REGISTRY_TOKEN }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITEA_TOKEN }}
 
       - name: Inspect worker image
         id: inspect-worker

.gitea/workflows/rollback.yml

@@ -78,8 +78,8 @@ jobs:
         uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
         with:
           registry: git.farh.net
-          username: gitea-admin
-          password: ${{ secrets.REGISTRY_TOKEN }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITEA_TOKEN }}
 
       - name: Verify Docker image tag exists
         run: docker buildx imagetools inspect "git.farh.net/farhoodlabs/trebuchet:${{ steps.target.outputs.version }}"