Use dedicated REGISTRY_TOKEN with packages scope instead of built-in GITEA_TOKEN
Build & Deploy / Build & Push Docker Image (push) Successful in 52s
Test / API Unit Tests (push) Successful in 9m48s
Test / Marketplace Unit Tests (push) Successful in 9m38s
Test / Admin Unit Tests (push) Successful in 9m37s
Test / Dashboard Unit Tests (push) Successful in 9m38s
Test / API Integration Tests (push) Successful in 9m50s
Build & Deploy / Deploy to VPS (push) Successful in 2s
Build & Deploy / Build & Push Docker Image (push) Successful in 52s
Test / API Unit Tests (push) Successful in 9m48s
Test / Marketplace Unit Tests (push) Successful in 9m38s
Test / Admin Unit Tests (push) Successful in 9m37s
Test / Dashboard Unit Tests (push) Successful in 9m38s
Test / API Integration Tests (push) Successful in 9m50s
Build & Deploy / Deploy to VPS (push) Successful in 2s
The built-in GITEA_TOKEN lacks read:packages/write:packages scopes, causing 403 Forbidden when authenticating with the Gitea container registry.
This commit is contained in:
@@ -45,7 +45,7 @@ jobs:
|
||||
- name: Check Docker registry credentials
|
||||
id: registry-check
|
||||
run: |
|
||||
if [ -n "${{ secrets.GITEA_TOKEN }}" ]; then
|
||||
if [ -n "${{ secrets.REGISTRY_TOKEN }}" ]; then
|
||||
echo "available=true" >> "$GITHUB_OUTPUT"
|
||||
else
|
||||
echo "available=false" >> "$GITHUB_OUTPUT"
|
||||
@@ -60,7 +60,7 @@ jobs:
|
||||
- name: Log in to Gitea Container Registry
|
||||
if: steps.registry-check.outputs.available == 'true'
|
||||
run: |
|
||||
echo "${{ secrets.GITEA_TOKEN }}" | \
|
||||
echo "${{ secrets.REGISTRY_TOKEN }}" | \
|
||||
docker login "$REGISTRY_HOST" \
|
||||
-u "${{ gitea.actor }}" \
|
||||
--password-stdin
|
||||
@@ -143,7 +143,7 @@ jobs:
|
||||
- name: Run deploy script on VPS
|
||||
if: steps.check-creds.outputs.skip == 'false'
|
||||
run: |
|
||||
REGISTRY_PASSWORD_B64="$(printf '%s' "${{ secrets.GITEA_TOKEN }}" | base64 | tr -d '\n')"
|
||||
REGISTRY_PASSWORD_B64="$(printf '%s' "${{ secrets.REGISTRY_TOKEN }}" | base64 | tr -d '\n')"
|
||||
ssh "${{ secrets.VPS_USER }}@${{ secrets.VPS_IP }}" "
|
||||
set -e
|
||||
cd '$DEPLOY_ROOT'
|
||||
|
||||
Reference in New Issue
Block a user