Closed ochorocho closed 1 week ago
Oh, you should have had admin on this. Now you do. Let me know if you have everything you need.
@rfay is there a way to push the image without using my user and my access token?
Currently i keep getting "403 Forbidden"
------
> exporting to image:
------
ERROR: failed to solve: failed to push ghcr.io/ddev/ddev-gitlab-ci:v1.22: unexpected status from HEAD request to https://ghcr.io/v2/ddev/ddev-gitlab-ci/blobs/sha256:ee0252e41ddc3d0b47674578bb5e3aaca69b3891b9d9ef3a2b900a5fb8946f21: 403 Forbidden
See https://github.com/ddev/ddev-gitlab-ci/actions for more details
I guess we need a token. Can put the one that DDEV uses for package push in there I guess, will take a look when I get home. Thanks for the good work on this!
Ok, makes perfect sense to me.
Thank you! :-)
I added a token GHCR_TOKEN that has privileges to push to github repo, but I don't understand what you're doing in your setup. You're using GITHUB_TOKEN, which is absolutely not going to have adequate privs (because it has to have write:packages
scope, true? And you're using it with a docker login
.
Let me know what powers/scope you need for the token, and what you'd like it to be called. I'm not sure what github_actor
might be.
Feel free to drop by discord to chat.
Awesome! Thank you @rfay it is working now. GHCR_TOKEN
is ok.
For informations sake, the following code will login to ghcr.io so the workflow is able to push:
echo "${{ secrets.GHCR_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
For more details: https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/accessing-contextual-information-about-workflow-runs
In case you want me to improve or align the code with other workflow that might be used in the ddev org, just let me know.
Just a note: That token expires April 18, 2025
After moving the project to the ddev org, the image is not pushed to ghcr.io.
The build.yml workflow contains the following line:
@rfay would you mind adding the environment variables for
GHCR_TOKEN
andGHCR_USERNAME
so the GitHub Action is allowed to upload the image to ghcr.io ?