fix: correct YAML mappings for workflow secrets and tokens

.github/workflows/docker-publish.yml

@@ -169,7 +169,7 @@ jobs:
         uses: github/codeql-action/upload-sarif@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5
         with:
           sarif_file: 'trivy-results.sarif'
-          token: ${{ secrets.GITHUB_TOKEN }}
+          token: ${{ secrets.CHARON_TOKEN }}
 
       - name: Create summary
         if: steps.skip.outputs.skip_build != 'true'