forked from cartsnitch/app
Barcode Betty
4035e7d3c0
The deploy-dev and deploy-uat jobs were using secrets.GITEA_DEPLOY_KEY, which is a deploy key scoped only to cartsnitch/app and never had its public counterpart added to cartsnitch/infra. The empty secret resolved to an empty token, causing actions/checkout to fail with 'Input required and not supplied: token' and the job to surface as a 403 Forbidden on the cross-repo clone. Switch both jobs to use secrets.REGISTRY_TOKEN, the existing Gitea PAT already used in this workflow for the container registry login. As a Gitea PAT it carries the broader scope (write:repository, write:package) required for both the cross-repo checkout and the subsequent push back to cartsnitch/infra on main. Co-Authored-By: Paperclip <noreply@paperclip.ing>