
fix(workflows): restore git push credentials in workflows that use pe…#20169

Merged: vpomerleau merged 1 commit into main from fix-workflows-after-zizmor on Mar 10, 2026

@vpomerleau vpomerleau commented Mar 10, 2026

Because

  • A prior security hardening commit added persist-credentials: false to all checkouts across three workflows. While appropriate for read-only checkouts, this setting strips the credential helper from the git config, which broke git push in any checkout that a subsequent push step depends on. The affected checkouts were the gh-pages branch checkouts in cleanup-storybooks and deploy-storybooks, and the sole checkout in tag-release.

This pull request

  • Removes persist-credentials: false from the specific checkouts that feed into push steps, while leaving it in place on read-only checkouts (e.g. the main-repo script checkout in cleanup-storybooks and the repo checkout in deploy-storybooks). This restores implicit GITHUB_TOKEN credential persistence for those steps without widening the credential scope of unrelated checkouts in the same job.

Issue that this pull request solves

Closes: (issue number)

Checklist

Put an x in the boxes that apply

  • My commit is GPG signed.
  • If applicable, I have modified or added tests which pass locally.
  • I have added necessary documentation (if appropriate).
  • I have verified that my changes render correctly in RTL (if appropriate).

Screenshots (Optional)

Please attach the screenshots of the changes made in case of change in user interface.

Other information (Optional)

This is a partial revert of changes in #20120, which was causing failures for some workflows.

…rsist-credentials: false

Because:

* A prior security hardening commit added persist-credentials: false to all checkouts across three workflows. While appropriate for read-only checkouts, this setting strips the credential helper from the git config, which broke git push in any checkout that a subsequent push step depends on. The affected checkouts were the gh-pages branch checkouts in cleanup-storybooks and deploy-storybooks, and the sole checkout in tag-release.

This commit:

* Removes persist-credentials: false from the specific checkouts that feed into push steps, while leaving it in place on read-only checkouts (e.g. the main-repo script checkout in cleanup-storybooks and the repo checkout in deploy-storybooks). This restores implicit GITHUB_TOKEN credential persistence for those steps without widening the credential scope of unrelated checkouts in the same job.

Closes #
@vpomerleau vpomerleau requested a review from a team as a code owner March 10, 2026 20:29
@MagentaManifold

Lemme rebase my own branch onto this fix and see if it works


@MagentaManifold MagentaManifold left a comment


Can confirm that this fixes the issue with storybook uploading/cleanup 👍 Not too sure about tag release since idk how to try it out, but it can't go any worse

@vpomerleau vpomerleau merged commit 69fc549 into main Mar 10, 2026
21 checks passed
@vpomerleau vpomerleau deleted the fix-workflows-after-zizmor branch March 10, 2026 20:54
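A regression check for the failure discussed in this pull request, added here as an example (it is not code from the pull request or the project): it flags a `git push` step whose directory was checked out with `persist-credentials: false`. The workflow text and function names are constructed; the parser is an indentation heuristic that only follows `working-directory`, not `cd` inside a script.

```python
import os
import re

# Constructed workflow (not the project's file): a read-only checkout plus a
# gh-pages checkout that the last step pushes from.
SAMPLE = """\
jobs:
  deploy:
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - uses: actions/checkout@v4
        with:
          ref: gh-pages
          path: gh-pages
          persist-credentials: false
      - name: Publish
        working-directory: gh-pages
        run: |
          git commit -am deploy
          git push
"""

def steps_per_job(workflow):
    """Yield the step texts of each `steps:` block (indent heuristic, not a YAML parser)."""
    for block in re.split(r"(?m)^[ \t]*steps:[ \t]*$", workflow)[1:]:
        first = re.search(r"(?m)^( *)- ", block)
        if first:
            yield re.split(r"(?m)^" + first.group(1) + r"- ", block)[1:]

def field(step, key):
    """Return the scalar value of `key:` inside one step, or None."""
    m = re.search(r"(?m)^\s*" + re.escape(key) + r":[ \t]*(\S+)", step)
    return m.group(1).strip("'\"") if m else None

def broken_pushes(workflow):
    """List (job_index, directory) for pushes from a checkout without credentials."""
    findings = []
    for job, steps in enumerate(steps_per_job(workflow)):
        stripped = {}  # checkout directory -> True if persist-credentials: false
        for step in steps:
            if (field(step, "uses") or "").startswith("actions/checkout@"):
                path = os.path.normpath(field(step, "path") or ".")
                stripped[path] = field(step, "persist-credentials") == "false"
            elif re.search(r"\bgit\b.*\bpush\b", step):
                wd = os.path.normpath(field(step, "working-directory") or ".")
                if stripped.get(wd):
                    findings.append((job, wd))
    return findings
```

Removing `persist-credentials: false` from only the gh-pages checkout in the sample clears the finding while the read-only checkout keeps the hardened setting.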