Git Push with AGit Push options fails with unclear error when used from a Gitea Action

[punmechanic]

Description

I am trying to create an action that a user may call to perform some action against a git ops repository, which results in a file being created, and then a pull request being made on behalf of that user.

With Github, I might accomplish this by using the Github API; with Gitea, I'm trying to use AGit push instead. I configure the Git instance to use an email address of a service account which does exist on my local Gitea instance, although the error message I see displays the same regardless of the existence of the account or not.

A MCVE is as follows:

$ cat .gitea/workflows/sandbox.yaml
on:
    workflow_dispatch: {}

jobs:
  register:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - run: |
          echo "{}" >> foo.json
      - name: Commit and push changes
        run: |
          git config --global user.name 'Automation Worker'
          git config --global user.email 'automation@users.noreply.gitea.com'
          git add foo.json
          git commit -m "Adding something important"
          git push \
            -o topic="Topic name goes here" \
            -o title="Adding something important" \
            origin \
            HEAD:refs/for/main

Triggering this workflow will result in the following output in the Gitea Actions console:

[main ea4ee04] Adding something important
 1 file changed, 1 insertion(+)
 create mode 100644 foo.json
remote: Gitea: Internal Server Error (no message for end users)        
remote: error: proc-receive exited abnormally        
To https://git.aredherring.tech/dan/sandbox
 ! [remote rejected] HEAD -> refs/for/main (fail to run proc-receive hook)
error: failed to push some refs to 'https://git.aredherring.tech/dan/sandbox'

The Gitea logs appear to indicate that this is an authentication issue (see attached).

If this is an error because the Gitea action is not authenticated to push commits on behalf of an end-user, which seems reasonable. I'd expect an error indicating that the user is not authenticated, not that it does not exist.

Since this error appears to occur with or without user.email being set to a matching user, and there is no prompt for authorization within the Github Action, my expectation is that there is an error in the pre-receive hook when using AGit.

In any case, the error message reported to the end user should be clearer than it is, but I am leaning toward this being a bug given the error message is a 5XX.

If there is an alternative suggested approach for what I am trying to do I would appreciate some guidance.

Gitea Version

1.23.7

Can you reproduce the bug on the Gitea demo site?

No (no runners on demo site)

Log Gist

https://gist.github.com/punmechanic/08c237e953ba810a968b3898c03599df

Screenshots

No response

Git Version

whatever the default is in the latest image

Operating System

linux

How are you running Gitea?

Run via docker-compose:

  gitea:
    image: gitea/gitea:latest
    environment:
      - USER_UID=1000
      - USER_GID=1000
    volumes:
      - gitea_data:/data
      - ./gitea/app.ini:/custom/conf/app.ini
    networks:
      - load_balancer
      - gitea_ci

gitea/gitea:latest as of posting is sha256:14efd9d88df591c9c81a7ed7666bb5945742a7799a852617cd0e1cf79974c1c8.

gitea/app.ini has only one setting:

[server]
ROOT_URL = https://git.aredherring.tech

Database

SQLite