Files
trebuchet/.gitea/workflows/helm-release.yml
T
Chris Farhood f3d73c9160
CI / Type-check & lint (push) Successful in 52s
CI / Build & push worker image (push) Failing after 1m50s
CI / Build & push API image (push) Failing after 1m50s
ci: use REGISTRY_TOKEN PAT for container registry auth
The auto-provided GITEA_TOKEN doesn't grant write:package scope
in Gitea 1.25 even when permissions.packages: write is declared.
Switch registry logins to a dedicated PAT stored as REGISTRY_TOKEN.
Keep GITEA_TOKEN for semantic-release-gitea API calls.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-16 20:35:51 -04:00

42 lines
1.0 KiB
YAML

name: Helm Chart Release
on:
push:
branches: [main]
paths:
- 'charts/hightower/**'
permissions:
contents: read
packages: write
jobs:
release:
name: Lint, package & push OCI
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Install Helm
uses: azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4.3.0
- name: Lint chart
run: helm lint charts/hightower
- name: Package chart
run: |
mkdir -p .helm-packages
helm package charts/hightower -d .helm-packages
- name: Log in to Gitea OCI registry
run: |
echo "${{ secrets.REGISTRY_TOKEN }}" | helm registry login git.farh.net \
--username "${{ github.actor }}" \
--password-stdin
- name: Push chart to Gitea OCI registry
run: |
PACKAGE=$(ls .helm-packages/*.tgz | head -1)
helm push "$PACKAGE" oci://git.farh.net/farhoodlabs/charts