ci: use REGISTRY_TOKEN PAT for Gitea container registry login
Some checks failed
Build & Publish Docker Image / build-and-push (push) Failing after 24s
Some checks failed
Build & Publish Docker Image / build-and-push (push) Failing after 24s
The auto-issued GITEA_TOKEN in Actions does not carry write:package scope, so the docker login step failed with 'unauthorized'. Switching to a user- supplied secret REGISTRY_TOKEN (PAT with write:package + read:package). Setup on Gitea side: 1. Profile → Settings → Applications → Generate New Token with scopes write:package + read:package. 2. Repo → Settings → Actions → Secrets → add REGISTRY_TOKEN = <that PAT>. Optional: REGISTRY_USER if the owning account differs from gitea.actor. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -25,11 +25,16 @@ jobs:
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Log in to Gitea container registry
|
||||
# Uses a personal access token (PAT) with write:package scope.
|
||||
# The default GITEA_TOKEN cannot push to the container registry.
|
||||
# Create the PAT under User Settings → Applications, add it as a repo
|
||||
# secret named REGISTRY_TOKEN, and (optionally) REGISTRY_USER if the
|
||||
# owning account differs from ${{ gitea.actor }}.
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ${{ env.REGISTRY }}
|
||||
username: ${{ gitea.actor }}
|
||||
password: ${{ secrets.GITEA_TOKEN }}
|
||||
username: ${{ secrets.REGISTRY_USER || gitea.actor }}
|
||||
password: ${{ secrets.REGISTRY_TOKEN }}
|
||||
|
||||
- name: Derive tags
|
||||
id: meta
|
||||
|
||||
Reference in New Issue
Block a user