farhoodlabs/trebuchet
8
0
Fork 0
Code Issues Pull Requests 5 Actions Packages Projects Releases Wiki Activity

ci: use REGISTRY_TOKEN PAT for container registry auth
CI / Type-check & lint (push) Successful in 52s
Details
CI / Build & push worker image (push) Failing after 1m50s
Details
CI / Build & push API image (push) Failing after 1m50s
Details

Browse Source 
The auto-provided GITEA_TOKEN doesn't grant write:package scope
in Gitea 1.25 even when permissions.packages: write is declared.
Switch registry logins to a dedicated PAT stored as REGISTRY_TOKEN.
Keep GITEA_TOKEN for semantic-release-gitea API calls.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Chris Farhood
2026-05-16 20:35:51 -04:00
parent a6da45f6bf
commit f3d73c9160
5 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/ci.yml
+2 -2
View File
@@ -60,7 +60,7 @@ jobs:
with:
registry: git.farh.net
username: ${{ github.actor }}
password: ${{ secrets.GITEA_TOKEN }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Build and push worker image
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
@@ -92,7 +92,7 @@ jobs:
with:
registry: git.farh.net
username: ${{ github.actor }}
password: ${{ secrets.GITEA_TOKEN }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Build and push API image
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
.gitea/workflows/helm-release.yml
+1 -1
View File
@@ -31,7 +31,7 @@ jobs:
- name: Log in to Gitea OCI registry
run: |
echo "${{ secrets.GITEA_TOKEN }}" | helm registry login git.farh.net \
echo "${{ secrets.REGISTRY_TOKEN }}" | helm registry login git.farh.net \
--username "${{ github.actor }}" \
--password-stdin
.gitea/workflows/release-beta.yml
+3 -3
View File
@@ -63,7 +63,7 @@ jobs:
with:
registry: git.farh.net
username: ${{ github.actor }}
password: ${{ secrets.GITEA_TOKEN }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Build and push worker image
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
@@ -94,7 +94,7 @@ jobs:
with:
registry: git.farh.net
username: ${{ github.actor }}
password: ${{ secrets.GITEA_TOKEN }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Build and push API image
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
@@ -126,7 +126,7 @@ jobs:
with:
registry: git.farh.net
username: ${{ github.actor }}
password: ${{ secrets.GITEA_TOKEN }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Inspect worker image
id: inspect-worker
.gitea/workflows/release.yml
+3 -3
View File
@@ -78,7 +78,7 @@ jobs:
with:
registry: git.farh.net
username: ${{ github.actor }}
password: ${{ secrets.GITEA_TOKEN }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Build and push worker image
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
@@ -112,7 +112,7 @@ jobs:
with:
registry: git.farh.net
username: ${{ github.actor }}
password: ${{ secrets.GITEA_TOKEN }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Build and push API image
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
@@ -146,7 +146,7 @@ jobs:
with:
registry: git.farh.net
username: ${{ github.actor }}
password: ${{ secrets.GITEA_TOKEN }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Inspect worker image
id: inspect-worker
.gitea/workflows/rollback.yml
+1 -1
View File
@@ -79,7 +79,7 @@ jobs:
with:
registry: git.farh.net
username: ${{ github.actor }}
password: ${{ secrets.GITEA_TOKEN }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Verify Docker image tag exists
run: docker buildx imagetools inspect "git.farh.net/farhoodlabs/trebuchet:${{ steps.target.outputs.version }}"