masterElmar/hitstar
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: enhance git clone and registry login steps with improved token handling
Some checks failed
Build and Push Docker Image / docker (push) Failing after 5s
Details

Browse Source
This commit is contained in:
Elmar Kresse
2025-09-04 17:33:25 +02:00
parent 0b2ae33098
commit eca0891f74
1 changed files with 25 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
.gitea/workflows/docker-build-push.yml
View File

@@ -28,19 +28,33 @@ jobs:
- name: Checkout (git)
env:
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
run: |
set -eu
apk add --no-cache git ca-certificates
TOKEN="${GITEA_TOKEN:-${REGISTRY_TOKEN:-}}"
REF="$GITHUB_REF"
REPO_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY"
if echo "$REF" | grep -q '^refs/heads/'; then
NAME=${REF#refs/heads/}
git -c http.extraHeader="Authorization: Bearer $GITEA_TOKEN" clone --depth 1 --branch "$NAME" "$REPO_URL" .
if [ -n "$TOKEN" ]; then
git -c http.extraHeader="Authorization: Bearer $TOKEN" clone --depth 1 --branch "$NAME" "$REPO_URL" .
else
git clone --depth 1 --branch "$NAME" "$REPO_URL" .
fi
elif echo "$REF" | grep -q '^refs/tags/'; then
NAME=${REF#refs/tags/}
git -c http.extraHeader="Authorization: Bearer $GITEA_TOKEN" clone --depth 1 --branch "$NAME" "$REPO_URL" .
if [ -n "$TOKEN" ]; then
git -c http.extraHeader="Authorization: Bearer $TOKEN" clone --depth 1 --branch "$NAME" "$REPO_URL" .
else
git clone --depth 1 --branch "$NAME" "$REPO_URL" .
fi
else
git -c http.extraHeader="Authorization: Bearer $GITEA_TOKEN" clone --depth 1 "$REPO_URL" .
if [ -n "$TOKEN" ]; then
git -c http.extraHeader="Authorization: Bearer $TOKEN" clone --depth 1 "$REPO_URL" .
else
git clone --depth 1 "$REPO_URL" .
fi
git fetch --depth 1 origin "$GITHUB_SHA"
git checkout --detach "$GITHUB_SHA"
fi
@@ -138,22 +152,28 @@ jobs:
env:
REGISTRY: ${{ steps.vars.outputs.registry }}
REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
run: |
set -eu
apk add --no-cache curl >/dev/null 2>&1 || true
USER_NAME="${REGISTRY_USERNAME:-$GITHUB_ACTOR}"
CODE=$(curl -sS -u "$USER_NAME:${{ secrets.GITEA_TOKEN }}" -o /dev/null -w "%{http_code}" "https://$REGISTRY/v2/") || CODE=000
CODE=$(curl -sS -u "$USER_NAME:${REGISTRY_TOKEN}" -o /dev/null -w "%{http_code}" "https://$REGISTRY/v2/") || CODE=000
echo "Basic auth probe to https://$REGISTRY/v2/ returned HTTP $CODE"
- name: Log in to Gitea Registry
env:
REGISTRY: ${{ steps.vars.outputs.registry }}
REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
run: |
set -eu
USER_NAME="${REGISTRY_USERNAME:-$GITHUB_ACTOR}"
echo "Logging into $REGISTRY as $USER_NAME"
echo "${{ secrets.GITEA_TOKEN }}" | docker login "$REGISTRY" -u "$USER_NAME" --password-stdin
if echo "$REGISTRY" | grep -q '^https\?://'; then REG_HOST="$REGISTRY"; else REG_HOST="$REGISTRY"; fi
if ! echo "$REGISTRY_TOKEN" | docker login "$REG_HOST" -u "$USER_NAME" --password-stdin; then
echo "First login attempt failed, trying with explicit /v2/ endpoint"
echo "$REGISTRY_TOKEN" | docker login "https://$REGISTRY/v2/" -u "$USER_NAME" --password-stdin
fi
- name: Ensure buildx builder
run: |