daviestechlabs/stt-module
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: switch Docker registry to HTTPS endpoint with login-action
Some checks failed
CI / Lint (push) Successful in 3m16s
Details
CI / Test (push) Successful in 2m55s
Details
CI / Release (push) Successful in 1m39s
Details
CI / Docker Build & Push (push) Failing after 8m25s
Details
CI / Notify (push) Successful in 2s
Details

Browse Source 
- Replace gitea-http.gitea.svc.cluster.local:3000 with registry.lab.daviestechlabs.io
- Use docker/login-action@v3 for Gitea registry auth (proper buildx integration)
- Remove manual base64 auth to ~/.docker/config.json (not picked up by buildkit)
- Remove insecure registry daemon.json config and Docker restart
- Remove buildkitd insecure registry config
- Remove cache-from/cache-to type=gha (not supported on Gitea Actions)

Fixes 401 Unauthorized: reqPackageAccess on Docker push
This commit is contained in:
Billy Davies
2026-02-21 18:05:44 -05:00
parent 0df27901c9
commit c20a2f8097
1 changed files with 9 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
.gitea/workflows/build-push.yaml
View File

@@ -9,8 +9,8 @@ on:
env:
NTFY_URL: http://ntfy.observability.svc.cluster.local:80
GOPRIVATE: git.daviestechlabs.io
REGISTRY: gitea-http.gitea.svc.cluster.local:3000/daviestechlabs
REGISTRY_HOST: gitea-http.gitea.svc.cluster.local:3000
REGISTRY: registry.lab.daviestechlabs.io/daviestechlabs
REGISTRY_HOST: registry.lab.daviestechlabs.io
IMAGE_NAME: stt-module
jobs:
@@ -123,11 +123,13 @@ jobs:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Gitea Registry
uses: docker/login-action@v3
with:
buildkitd-config-inline: |
[registry."gitea-http.gitea.svc.cluster.local:3000"]
http = true
insecure = true
registry: ${{ env.REGISTRY_HOST }}
username: ${{ secrets.REGISTRY_USER }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Login to Docker Hub
if: vars.DOCKERHUB_USERNAME != ''
@@ -136,28 +138,6 @@ jobs:
username: ${{ vars.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Configure Docker for insecure registry
run: |
sudo mkdir -p /etc/docker
echo '{"insecure-registries": ["${{ env.REGISTRY_HOST }}"]}' | sudo tee /etc/docker/daemon.json
sudo systemctl restart docker || sudo service docker restart || true
sleep 2
- name: Login to Gitea Registry
run: |
AUTH=$(echo -n "${{ secrets.REGISTRY_USER }}:${{ secrets.REGISTRY_TOKEN }}" | base64 -w0)
mkdir -p ~/.docker
cat > ~/.docker/config.json << EOF
{
"auths": {
"${{ env.REGISTRY_HOST }}": {
"auth": "$AUTH"
}
}
}
EOF
echo "Auth configured for ${{ env.REGISTRY_HOST }}"
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
@@ -175,8 +155,7 @@ jobs:
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
notify:
name: Notify