fix: remove persist-credentials to allow repo-sync push

[robnester-rh]

Summary

The persist-credentials: false added in PR #5 prevents git push from authenticating — the checkout action doesn't store the token in .git/config, so the push step fails with could not read Username.

The app token is already scoped and short-lived, so persisting it for the job duration is safe and necessary.

Discovered via manual workflow_dispatch run: https://github.com/conforma/go-containerregistry/actions/runs/28171774706

Test plan

• Trigger workflow_dispatch on repo-sync after merging — push step should succeed

🤖 Generated with Claude Code

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Enterprise

Run ID: f9293210-ee1b-478a-9e59-7e2206592f19

📥 Commits

Reviewing files that changed from the base of the PR and between b752479 and 06355ad.

📒 Files selected for processing (1)

• .github/workflows/repo-sync.yaml

💤 Files with no reviewable changes (1)

• .github/workflows/repo-sync.yaml

---

📝 Walkthrough

Walkthrough

The repo-sync workflow checkout step now fetches full git history and no longer disables credential persistence.

Changes

Repo sync checkout settings

Layer / File(s)	Summary
Checkout history settings .github/workflows/repo-sync.yaml	The actions/checkout with: block changes to fetch full git history and remove persist-credentials: false.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly describes the main workflow change: removing persist-credentials so repo-sync can push.
Description check	✅ Passed	The description matches the workflow change and explains the push authentication issue and fix.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix-persist-credentials

---

_{Comment @coderabbitai help to get the list of available commands.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.