Improve workflows: Add GitHub token support for Trivy scans

Enhancements:
- Add GITHUB_TOKEN environment variable to security and release workflows
- Enable better rate limits for Trivy vulnerability scanner
- Add continue-on-error for resilient security scans
- Add GitHub token availability check with helpful messages
- Update documentation with GitHub token setup instructions

 Security Benefits:
- Reduced API rate limiting issues
- More reliable vulnerability scanning
- Better error handling and user feedback
- Improved workflow stability

 Documentation:
- Added GitHub token setup guide in GITEA_WORKFLOWS.md
- Clear instructions for repository secret configuration

.gitea/workflows/release.yml

@@ -156,6 +156,8 @@ jobs:
         image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.create-release.outputs.version }}
         format: 'sarif'
         output: 'trivy-results.sarif'
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         
     - name: Upload Trivy scan results
       uses: actions/upload-artifact@v3

docs/GITEA_WORKFLOWS.md

@@ -99,11 +99,18 @@ Configure these secrets in your Gitea repository settings:
 
 ```bash
 GITEA_TOKEN          # Gitea access token for container registry
+GITHUB_TOKEN         # GitHub personal access token for better rate limits
 SLACK_WEBHOOK_URL    # Optional: Slack notifications
 STAGING_WEBHOOK_URL  # Optional: Staging deployment webhook
 PRODUCTION_WEBHOOK_URL # Optional: Production deployment webhook
 ```
 
+**Setting up GitHub Token:**
+1. Go to GitHub → Settings → Developer settings → Personal access tokens
+2. Generate a new token with `public_repo` scope (for public repos) or `repo` scope (for private repos)
+3. Copy the token
+4. In your Gitea repository → Settings → Secrets → Add `GITHUB_TOKEN` with the copied value
+
 ### **Environment Variables**
 
 Key environment variables used across workflows: