ci: use GitHub Actions token instead of chatops/release_notes secrets

It seems more secure to use the controlled & limited token than an
ambient secret.

.github/workflows/main.yml

@@ -204,7 +204,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 30
     permissions:
-      contents: read
+      contents: write
 
     needs: [build]
 
@@ -236,7 +236,7 @@ jobs:
 
     - name: Publish GitHub release notes
       env:
-        GH_RELEASE_NOTES_TOKEN: ${{ secrets.release_notes }}
+        GH_RELEASE_NOTES_TOKEN: ${{ github.token }}
       run: |
         sudo apt-get install pandoc
         tox -e publish-gh-release-notes