3 Commits

Author SHA1 Message Date
ea08181619 fix: use docker login CLI instead of login-action for Gitea compat
Some checks failed
CI / Test (push) Successful in 2m36s
CI / Lint (push) Successful in 2m31s
CI / Release (push) Successful in 1m18s
CI / Docker Build & Push (push) Failing after 5m29s
CI / Notify (push) Has been cancelled
docker/login-action@v3 fails with 'Username and password required' on
Gitea Actions — secrets not passed to action with: inputs. Switch to
direct docker login CLI which reliably interpolates secrets in run: steps.
2026-02-21 19:34:29 -05:00
c4fd58c951 fix: switch Docker registry to HTTPS endpoint with login-action
Some checks failed
CI / Test (push) Successful in 3m12s
CI / Release (push) Successful in 1m33s
CI / Lint (push) Successful in 2m55s
CI / Docker Build & Push (push) Failing after 8m26s
CI / Notify (push) Successful in 2s
- Replace gitea-http.gitea.svc.cluster.local:3000 with registry.lab.daviestechlabs.io
- Use docker/login-action@v3 for Gitea registry auth (proper buildx integration)
- Remove manual base64 auth to ~/.docker/config.json (not picked up by buildkit)
- Remove insecure registry daemon.json config and Docker restart
- Remove buildkitd insecure registry config
- Remove cache-from/cache-to type=gha (not supported on Gitea Actions)

Fixes 401 Unauthorized: reqPackageAccess on Docker push
2026-02-21 18:05:42 -05:00
0df7a8cdbb fix: use config.json auth for Gitea registry login
Some checks failed
CI / Lint (push) Successful in 56s
CI / Test (push) Successful in 53s
CI / Release (push) Successful in 5s
CI / Docker Build & Push (push) Failing after 2m2s
CI / Notify (push) Successful in 2s
docker login --password-stdin fails on act runner (non-TTY).
Use base64 auth in ~/.docker/config.json instead, matching
the kuberay-images pattern.
2026-02-14 09:21:46 -05:00

View File

@@ -8,8 +8,8 @@ on:
env: env:
NTFY_URL: http://ntfy.observability.svc.cluster.local:80 NTFY_URL: http://ntfy.observability.svc.cluster.local:80
REGISTRY: gitea-http.gitea.svc.cluster.local:3000/daviestechlabs REGISTRY: registry.lab.daviestechlabs.io/daviestechlabs
REGISTRY_HOST: gitea-http.gitea.svc.cluster.local:3000 REGISTRY_HOST: registry.lab.daviestechlabs.io
IMAGE_NAME: ntfy-discord IMAGE_NAME: ntfy-discord
jobs: jobs:
@@ -116,29 +116,13 @@ jobs:
- name: Set up Docker Buildx - name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3 uses: docker/setup-buildx-action@v3
with:
buildkitd-config-inline: | - name: Login to Gitea Registry
[registry."gitea-http.gitea.svc.cluster.local:3000"] run: echo "${{ secrets.REGISTRY_TOKEN }}" | docker login "${{ env.REGISTRY_HOST }}" -u "${{ secrets.REGISTRY_USER }}" --password-stdin
http = true
insecure = true
- name: Login to Docker Hub - name: Login to Docker Hub
if: vars.DOCKERHUB_USERNAME != '' if: vars.DOCKERHUB_USERNAME != ''
uses: docker/login-action@v3 run: echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u "${{ vars.DOCKERHUB_USERNAME }}" --password-stdin
with:
username: ${{ vars.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Configure Docker for insecure registry
run: |
sudo mkdir -p /etc/docker
echo '{"insecure-registries": ["${{ env.REGISTRY_HOST }}"]}' | sudo tee /etc/docker/daemon.json
sudo systemctl restart docker || sudo service docker restart || true
sleep 2
- name: Login to Gitea Registry
run: |
echo "${{ secrets.REGISTRY_TOKEN }}" | docker login ${{ env.REGISTRY_HOST }} -u ${{ secrets.REGISTRY_USER }} --password-stdin
- name: Extract metadata - name: Extract metadata
id: meta id: meta
@@ -157,8 +141,7 @@ jobs:
push: true push: true
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
notify: notify:
name: Notify name: Notify