Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use my credentials to store and retrieve container #113

Merged
merged 10 commits into from
Aug 1, 2024

Conversation

twsearle
Copy link
Collaborator

@twsearle twsearle commented Aug 1, 2024

Description

NOTE This is a temporary fix to the CI to get us past the atlas upgrade. I will help refactor this to use a centralised solution when possible if desired.

Rather than use a persistent GitHub PAT for CI, I experimented to use each users ephemeral GITHUB_TOKEN, which is automatically generated and has a lifetime for only the life of the github workflow run. This is safer, and also gets around us needing more permissions on the darth account to create packages. However, it didn't work on this repo. I am not sure why, but authentication did not work.

Resolves #111

@twsearle twsearle self-assigned this Aug 1, 2024
@twsearle twsearle force-pushed the feature/use-personal-ghcr-container branch from d18ac7b to 6f57e81 Compare August 1, 2024 07:43
@twsearle twsearle force-pushed the feature/use-personal-ghcr-container branch from dc66239 to 8caa2c1 Compare August 1, 2024 08:17
@twsearle twsearle changed the title Use github.actor to store and retrieve container Use my credentials to store and retrieve container Aug 1, 2024
@twsearle twsearle requested a review from yaswant August 1, 2024 12:00
Comment on lines 76 to 77
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Congratulations @twsearle 👍🏽
Just being picky really, will it be better to have some sensible tag and label for the image? like :

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The tags and labels are automatically generated from the docker metadata action. Its all still annoyingly chicken and egg! But I am hoping after I merge this I can version the tags the next PR.

@yaswant
Copy link
Collaborator

yaswant commented Aug 1, 2024

Also, you might want to protect the develop branch from anyone modifying without correct privilege. It appears that I can merge, and I don't have any elevated privilege for orca-jedi.

@twsearle twsearle merged commit 8bffcfc into develop Aug 1, 2024
3 checks passed
@yaswant
Copy link
Collaborator

yaswant commented Aug 1, 2024 via email

@twsearle twsearle deleted the feature/use-personal-ghcr-container branch September 23, 2024 08:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

The GH_PAT token in the repo does not have package write permissions
2 participants