docker/build-push-action
0
0
Fork 0
mirror of https://github.com/docker/build-push-action.git synced 2026-06-05 01:28:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1554 from crazy-max/e2e-ghcr

Browse Source 
ci(e2e): use GITHUB_TOKEN for GHCR e2e
This commit is contained in:
CrazyMax
2026-06-04 16:00:12 +02:00
committed by GitHub
parent 1d0c110a5d f55bd083f2
commit 7b93b2b85c
3 changed files with 14 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/.e2e-run.yml
+2 -5
View File
@@ -1,9 +1,6 @@
# reusable workflow
name: .e2e-run
permissions:
contents: read
on:
workflow_call:
inputs:
@@ -117,8 +114,8 @@ jobs:
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
with:
registry: ${{ env.REGISTRY_FQDN || inputs.registry }}
username: ${{ env.REGISTRY_USER || secrets.registry_username }}
password: ${{ env.REGISTRY_PASSWORD || secrets.registry_password }}
username: ${{ env.REGISTRY_USER || secrets.registry_username || (inputs.registry == 'ghcr.io' && github.actor) || '' }}
password: ${{ env.REGISTRY_PASSWORD || secrets.registry_password || (inputs.registry == 'ghcr.io' && secrets.GITHUB_TOKEN) || '' }}
scope: ${{ inputs.type == 'remote' && inputs.registry == '' && '@push' || '' }}
-
name: Build and push
.github/workflows/e2e.yml
+6 -4
View File
@@ -20,6 +20,9 @@ on:
jobs:
build:
uses: ./.github/workflows/.e2e-run.yml
permissions:
contents: read
packages: write # to push image to GHCR
strategy:
fail-fast: false
matrix:
@@ -38,7 +41,7 @@ jobs:
-
name: GitHub
registry: ghcr.io
slug: ghcr.io/docker-ghactiontest/test
slug: ghcr.io/docker/build-push-action-test
auth: ghcr
type: remote
-
@@ -100,11 +103,11 @@ jobs:
registry: ${{ matrix.registry }}
slug: ${{ matrix.slug }}
secrets:
# Pass only the two secrets needed by each matrix entry.
# Pass only the registry-specific secrets needed by each matrix entry.
# GHCR uses the called workflow's GITHUB_TOKEN fallback.
registry_username: >-
${{
matrix.auth == 'dockerhub' && secrets.DOCKERHUB_USERNAME ||
matrix.auth == 'ghcr' && secrets.GHCR_USERNAME ||
matrix.auth == 'gitlab' && secrets.GITLAB_USERNAME ||
matrix.auth == 'aws' && secrets.AWS_ACCESS_KEY_ID ||
matrix.auth == 'gar' && secrets.GAR_USERNAME ||
@@ -116,7 +119,6 @@ jobs:
registry_password: >-
${{
matrix.auth == 'dockerhub' && secrets.DOCKERHUB_TOKEN ||
matrix.auth == 'ghcr' && secrets.GHCR_PAT ||
matrix.auth == 'gitlab' && secrets.GITLAB_TOKEN ||
matrix.auth == 'aws' && secrets.AWS_SECRET_ACCESS_KEY ||
matrix.auth == 'gar' && secrets.GAR_JSON_KEY ||
.github/zizmor.yml
+6
View File
@@ -0,0 +1,6 @@
rules:
# rule does not apply to reusable worfklows where permissions are defined by
# the caller workflow and not the reusable workflow itself
excessive-permissions:
ignore:
- .e2e-run.yml