fix CI not being allowed to push container image

2026-05-14 19:07:06 +02:00 · 2026-05-14 19:07:06 +02:00 · c1834a28ed
commit c1834a28ed
parent f133a491b2
1 changed files with 20 additions and 8 deletions
--- a/.forgejo/workflows/container.yml
+++ b/.forgejo/workflows/container.yml
@ -4,9 +4,6 @@ on:
  workflow_dispatch: {}
  push: {}
 permissions:
  packages: write
 jobs:
  build-container:
    name: Build Container
@ -14,24 +11,39 @@ jobs:
    container:
      image: ghcr.io/osscontainertools/kaniko:alpine
    steps:
-      - name: Install NodeJS for actions compatibility
+      - name: Install required system packages compatibility
        run: apk add --no-cache nodejs
      - name: Checkout source code
        uses: actions/checkout@v6
      - name: Login to container registry (prod only)
        if: ${{ forgejo.ref_name == 'main' }}
-        run: /kaniko/executor login --username="forgejo-actions" --password="${{ forgejo.token }}" git.hamburg.ccc.de
+        run: /kaniko/executor login --username="forgejo-actions" --password="${{ secrets.PACKAGES_TOKEN }}" git.hamburg.ccc.de
      - run: |
          echo "--- cating file ---"
          cat /root/.docker/config.json
          echo "--- end of file ---"
      - name: Build Container
-        env:
+        # env:
-          KANIKO_NO_PUSH: ${{ forgejo.ref_name != 'main' }}
+        #   KANIKO_NO_PUSH: ${{ forgejo.ref_name != 'main' }}
        run: /kaniko/executor
          --dockerfile="${{forgejo.workspace }}/Containerfile"
          --context="dir://${{ forgejo.workspace }}"
          --destination=git.hamburg.ccc.de/ccchh/dooris:latest
-          --credential-helpers=env
+          --tar-path=${{ forgejo.workspace }}/image.tar
          --no-push
          --no-push-cache
          --annotation=org.opencontainers.image.ref.name=dooris
          --annotation=org.opencontainers.image.url=${{ forgejo.server_url }}/${{ forgejo.repository }}
          --annotation=org.opencontainers.image.source=${{ forgejo.server_url }}/${{ forgejo.repository }}
          --annotation=org.opencontainers.image.licenses=AGPL-3.0
      - name: Push Container
        if: ${{ forgejo.ref_name == 'main' }}
        run: |
          apk add --no-cache skopeo
          skopeo copy "archive:${{ forgejo.workspace }}/image.tar" docker://git.hamburg.ccc.de/ccchh/dooris:latest --dest-authfile=/root/.docker/config.json