From eb2cd442a2b03e3fd40bdb10f37338c0715738ad Mon Sep 17 00:00:00 2001 From: Tobias Glatthar Date: Sun, 9 Jun 2024 12:55:42 +0200 Subject: [PATCH] fix: added docker push permission (#28) --- .github/workflows/pull-request.yaml | 2 -- .github/workflows/release.yml | 4 ++++ .github/workflows/wf-docker-build.yaml | 10 ++++++++++ .github/workflows/wf-lint.yaml | 3 --- 4 files changed, 14 insertions(+), 5 deletions(-) diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index 74e2d98..c891978 100644 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -37,8 +37,6 @@ jobs: with: addon-path: "${{ needs.information.outputs.target }}" yamllint-config: ".yamllint.yaml" - secrets: - token: ${{ secrets.GITHUB_TOKEN }} build: name: 🚀 Build diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 097bc16..18818ab 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -51,6 +51,8 @@ jobs: strategy: matrix: architecture: ${{ fromJson(needs.information.outputs.architectures) }} + permissions: + packages: write with: addon-architecture: ${{ matrix.architecture }} addon-path: ${{ needs.information.outputs.target }} @@ -61,3 +63,5 @@ jobs: ghcr.io/${{ github.repository }}/${{ matrix.architecture }}:${{ needs.information.outputs.version }} ghcr.io/${{ github.repository }}/${{ matrix.architecture }}:${{ needs.information.outputs.environment }} docker-push: true + secrets: + docker-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/wf-docker-build.yaml b/.github/workflows/wf-docker-build.yaml index 26cebf9..c53dd30 100644 --- a/.github/workflows/wf-docker-build.yaml +++ b/.github/workflows/wf-docker-build.yaml @@ -27,6 +27,9 @@ on: required: false type: boolean default: false + secrets: + docker-token: + required: false jobs: build: @@ -47,6 +50,13 @@ jobs: uses: docker/setup-qemu-action@v3.0.0 - name: 🏗 Set up Docker Buildx uses: docker/setup-buildx-action@v3.3.0 + - name: 🏗 Login to ghcr.io + if: ${{ inputs.docker-push }} + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.docker-token }} - name: ℹī¸ Compose build flags id: flags run: | diff --git a/.github/workflows/wf-lint.yaml b/.github/workflows/wf-lint.yaml index fba3bee..98f9c84 100644 --- a/.github/workflows/wf-lint.yaml +++ b/.github/workflows/wf-lint.yaml @@ -11,9 +11,6 @@ on: yamllint-config: required: false type: string - secrets: - token: - required: true jobs: