Avoid listing org packages where job token doesn't have access

[mering]

Follow-up on #23 but now including a fix to taking the special case into account where package_name doesn't exist.

Unfortunately, I can't run the tests as I don't have access to create the packages for testing (403 permission denied).

---

This allows using the job token directly.

Example workflow:

permissions:
  packages: write

jobs:
  cleanup-images:
    runs-on: ubuntu-22.04
    steps:
      - name: Cleanup untagged images
        uses: mering/delete-untagged-ghcr-action@main
        with:
          token: ${{ github.token }}
          repository_owner: ${{ github.repository_owner }}
          repository: ${{ github.repository }}
          package_name: IMAGE_NAME
          untagged_only: true
          owner_type: org

[mering]

@Chizkiyahu friendly ping

[Chizkiyahu]

@mering
Thank you for the ping and sorry
fails logs

Traceback (most recent call last):
  File "/home/runner/work/delete-untagged-ghcr-action/delete-untagged-ghcr-action/.//clean_ghcr.py", line 237, in <module>
    delete_pkgs(
  File "/home/runner/work/delete-untagged-ghcr-action/delete-untagged-ghcr-action/.//clean_ghcr.py", line 149, in delete_pkgs
    packages = get_list_packages(
  File "/home/runner/work/delete-untagged-ghcr-action/delete-untagged-ghcr-action/.//clean_ghcr.py", line 60, in get_list_packages
    response = requests.get(url, headers=get_base_headers(), params=params)
NameError: name 'params' is not defined```

if the tests are falling try to run them on your fork 
with `PAT_TOKEN`  secret

[mering]

Latest version has been tested in my fork and all tests pass. Prefer GITHUB_TOKEN where possible.

[mering]

Oh, I see that the maximum permissions for pull GITHUB_TOKEN for pull requests from public forked repositories are read according to the docs. I will revert the test workflow to using the PAT secret.

[mering]

This should be working now also for the PR workflow.

[mering]

Running workflows from forks seems difficult. I updated the user name to match the one from PAT.

[Chizkiyahu]

@mering
It look like something is broken in "delete all package in repo"
my test are not really a good test
because they not check if pkg is created and deleted
you needs to check that manual
I am debugging that now

[mering]

I checked and access to secrets isn't possible for pull requests from public forks....

I guess the problem is that a package does not have the repository property when it is not uploaded with GITHUB_TOKEN but this token never has write permissions when running from a public fork. I reverted the last two commits and confirmed in my repo that this fixes the problem (you need to manually clean all packages before starting the run as the job token doesn't have access to remove an image created with the PAT).

[Chizkiyahu]

@mering
I merged #30
I change some stuff because of bugs (yes my test can improve). but the code broke them

[Chizkiyahu]

@mering
please open issues if my code does not solve your problem
or you found any bug