kochwas/.gitea/workflows/docker.yml
Hendrik f7fe216089
Some checks failed
Build & Publish Docker Image / build-and-push (push) Failing after 24s
ci: use REGISTRY_TOKEN PAT for Gitea container registry login
The auto-issued GITEA_TOKEN in Actions does not carry write:package scope,
so the docker login step failed with 'unauthorized'. Switching to a user-
supplied secret REGISTRY_TOKEN (PAT with write:package + read:package).

Setup on Gitea side:
1. Profile → Settings → Applications → Generate New Token
   with scopes write:package + read:package.
2. Repo → Settings → Actions → Secrets → add REGISTRY_TOKEN = <that PAT>.
   Optional: REGISTRY_USER if the owning account differs from gitea.actor.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-17 16:10:00 +02:00

62 lines
1.9 KiB
YAML

name: Build & Publish Docker Image

on:
  push:
    branches: [main]
    tags: ['v*']
  workflow_dispatch:

env:
  REGISTRY: gitea.siegeln.net
  IMAGE_NAME: ${{ gitea.repository }}

jobs:
  build-and-push:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Log in to Gitea container registry
        # Uses a personal access token (PAT) with write:package scope.
        # The default GITEA_TOKEN cannot push to the container registry.
        # Create the PAT under User Settings → Applications, add it as a repo
        # secret named REGISTRY_TOKEN, and (optionally) REGISTRY_USER if the
        # owning account differs from ${{ gitea.actor }}.
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ secrets.REGISTRY_USER || gitea.actor }}
          password: ${{ secrets.REGISTRY_TOKEN }}

      - name: Derive tags
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          tags: |
            type=ref,event=branch
            type=ref,event=tag
            type=sha,format=short
            type=raw,value=latest,enable=${{ gitea.ref == 'refs/heads/main' }}

      - name: Build and push
        uses: docker/build-push-action@v6
        with:
          context: .
          push: true
          # Target: Raspberry Pi 5 (arm64). Runner is arm64 too, so this is native + fast.
          # amd64 is buildable locally via `docker build` on dev machines.
          platforms: linux/arm64
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max