Squashed fix swaps github.token → secrets.REGISTRY_TOKEN at .gitea/workflows/ci.yml:121, matching the proven-green cartsnitch/auth pattern (CAR-1009). Unblocks CAR-1132 production deploy by making the build-and-push job pass registry auth.
QA: PR #49 approved by @cs_charlie (review id 4615); CI run 3439 lint/typecheck/test all green.
Co-authored-by: Barcode Betty <32+cs_betty@noreply.git.farh.net>
Co-committed-by: Barcode Betty <32+cs_betty@noreply.git.farh.net>
The Gitea Actions runner has a corrupted cache for
actions/setup-python@v5: the cloned worktree has unstaged changes and
the runner can't pull refs/heads/v5 cleanly. As a result the cached
dist/setup/index.js is missing and the step fails before any of our
lint commands run. Pin to v4 (different cache key) so the runner
clones a fresh, unmodified copy.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
The build-and-push job was running on PRs and trying to log in to the
Gitea Container Registry, which always fails on PRs because the
github.token has no package write permission. Add if:
github.event_name == 'push' so the job is skipped for PRs and the
overall run can stay green.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
- Remove 'cache: pip' from setup-python in lint, typecheck, test jobs to fix
intermittent 'archive/tar: write too long' errors on act_runner pods
- Add CARTSNITCH_SERVICE_KEY and CARTSNITCH_FERNET_KEY to test job env
to satisfy Settings pydantic model requirements
Co-Authored-By: Paperclip <noreply@paperclip.ing>
The on.push and on.pull_request triggers only listed [main, dev].
The deploy-uat job condition checks for refs/heads/uat but the
workflow never fires on uat pushes. Add uat to both trigger lists.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
Barcode Betty
cs_betty
Savannah Savings