release workflow needs the workflows permission

[derekmisler]

Summary

The release workflow was failing because it requires a Personal Access Token (PAT) with the workflows permission to push changes back to the repository. This PR replaces the default github.token with a RELEASE_TOKEN secret in two places within the release workflow, and bumps CAGENT_VERSION to v1.27.1.

Changes

• .github/workflows/release.yml: Passes secrets.RELEASE_TOKEN as the token for the actions/checkout step (enabling authenticated pushes with the necessary workflows permission) and replaces github.token with secrets.RELEASE_TOKEN for the gh release create step.
• CAGENT_VERSION: Bumped from v1.27.0 to v1.27.1.

How to Test

• Trigger the release workflow and confirm it completes without permission errors when pushing back to the repository or creating a GitHub Release.
• Verify the RELEASE_TOKEN secret is configured in the repository settings with the workflows scope before running.

[derekmisler]

/review

[docker-agent]

Review Summary

Looks good! The changes properly address the GitHub security requirement for the workflows write permission. The code correctly references secrets.RELEASE_TOKEN in both the checkout action and the gh release create command. The implementation is syntactically correct and follows GitHub Actions best practices.

Note: Ensure that the RELEASE_TOKEN secret is configured in the repository settings with the appropriate permissions (contents: write and workflows: write) before merging.

[derekmisler]

/describe

[docker-agent]

✅ PR description has been generated and updated!

[docker-agent]

Review Summary

This PR correctly switches from github.token to secrets.RELEASE_TOKEN to gain the workflows: write permission required by GitHub's push protection when creating releases that modify workflow files.

All code changes are appropriate for the stated purpose. No bugs found in the changed code.