trebuchet

Author	SHA1	Message	Date
Chris Farhood	ff32ec85c5	chore: move .github folder to .gitea for Gitea compatibility CI / Type-check & lint (pull_request) Successful in 15s Details CI / Build & push worker image (pull_request) Has been skipped Details CI / Build & push API image (pull_request) Has been skipped Details Gitea prefers .gitea/ISSUE_TEMPLATE/ and .gitea/workflows/ over the GitHub-convention .github/ equivalents. Moves all issue templates and workflow files to the Gitea-native paths and updates CLAUDE.md references. Cosign certificate identity paths in release/rollback workflows are intentionally left unchanged — they reference the signing identity from prior workflow runs and will need a separate update when the CI signing infrastructure migrates. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-18 15:56:05 +00:00
Chris Farhood	48c0351be3	ci: switch back to REGISTRY_TOKEN PAT for registry auth CI / Type-check & lint (push) Successful in 15s Details CI / Build & push API image (push) Successful in 1m2s Details CI / Build & push worker image (push) Successful in 3m6s Details Even on Gitea 1.26 the auto-token still hits the registry with 401 in this environment. Use the gitea-admin PAT stored as REGISTRY_TOKEN. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-16 21:09:46 -04:00
Chris Farhood	5c7e4d45d4	ci: revert to auto GITEA_TOKEN for registry auth CI / Type-check & lint (push) Successful in 15s Details CI / Build & push worker image (push) Failing after 8s Details CI / Build & push API image (push) Failing after 8s Details Gitea 1.26 (PR #36173) honors permissions.packages: write on the auto-provided GITEA_TOKEN, so the PAT workaround is no longer needed. You can delete the REGISTRY_TOKEN org secret. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-16 21:02:41 -04:00
Chris Farhood	8fe637e0e2	ci: pin registry login username to gitea-admin CI / Type-check & lint (push) Successful in 15s Details CI / Build & push worker image (push) Failing after 7s Details CI / Build & push API image (push) Failing after 8s Details REGISTRY_TOKEN was created under the gitea-admin user, so the docker/helm registry username must match. Using github.actor would fail for any other workflow-triggering user. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-16 20:40:28 -04:00
Chris Farhood	f3d73c9160	ci: use REGISTRY_TOKEN PAT for container registry auth CI / Type-check & lint (push) Successful in 52s Details CI / Build & push worker image (push) Failing after 1m50s Details CI / Build & push API image (push) Failing after 1m50s Details The auto-provided GITEA_TOKEN doesn't grant write:package scope in Gitea 1.25 even when permissions.packages: write is declared. Switch registry logins to a dedicated PAT stored as REGISTRY_TOKEN. Keep GITEA_TOKEN for semantic-release-gitea API calls. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-16 20:35:51 -04:00
Chris Farhood	262a8be326	ci: migrate from GitHub Actions to Gitea Actions Helm Chart Release / Lint, package & push OCI (push) Failing after 12s Details CI / Type-check & lint (push) Failing after 37s Details CI / Build & push API image (push) Has been skipped Details CI / Build & push worker image (push) Has been skipped Details Move workflows to .gitea/workflows and adapt for git.farh.net: - Push container images to git.farh.net instead of GHCR/Docker Hub - Publish Helm chart as OCI artifact (no gh-pages, Gitea lacks Pages) - Replace cosign keyless signing with key-based (COSIGN_PRIVATE_KEY/PASSWORD/PUBLIC_KEY) - Swap @semantic-release/github for semantic-release-gitea - Drop gh CLI from rollback workflow - Use GITEA_TOKEN for registry auth and release creation - Add Artifact Hub annotations to Chart.yaml - Run on ubuntu-latest Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-16 18:55:32 -04:00

6 Commits