fix: authenticate to container registry with a package-scoped PAT
Build and publish container / build (pull_request) Successful in 2m7s
Build and publish container / build (pull_request) Successful in 2m7s
The auto-provided GITEA_TOKEN does not carry container registry write permission on most Gitea instances, causing docker login to fail with "unauthorized". Use a Personal Access Token supplied via the PACKAGES_TOKEN secret, with the package namespace owner as the username. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Emma Thorpe
@@ -23,13 +23,16 @@ jobs:
|
||||
- name: Set up Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
# Uses a Personal Access Token with package read/write scope, stored as
|
||||
# the PACKAGES_TOKEN secret. The auto-provided GITEA_TOKEN does not carry
|
||||
# container-registry write permission on most Gitea instances.
|
||||
- name: Log in to the Gitea container registry
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ${{ env.REGISTRY }}
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITEA_TOKEN }}
|
||||
username: ${{ github.repository_owner }}
|
||||
password: ${{ secrets.PACKAGES_TOKEN }}
|
||||
|
||||
- name: Extract image metadata
|
||||
id: meta
|
||||
|
||||
Reference in New Issue
Block a user