From 30df0529d36ab7c03aeb2e2e9673d75f97e4ca53 Mon Sep 17 00:00:00 2001
From: sbaizet <74511063+sbaizet-ledger@users.noreply.github.com>
Date: Thu, 21 Nov 2024 03:23:37 +0100
Subject: [PATCH] Fix ci login (#238)

* fix ci-login by adding permissions to workflow

* Add registry permissions

* test

* fix helm registry login

* fix the remaining issues

* test without the env variable HELM_GITHUB_PASSWORD

* remove the HELM_GITHUB_PASSWORD everywhere

* test

* remove permissions on workflow

* test

* revert scroll-sdk bump version
---
 .github/workflows/lint-test-charts.yml   |  2 --
 .github/workflows/publish-chart.yaml     |  8 --------
 .github/workflows/publish-dev-chart.yaml | 12 ++----------
 3 files changed, 2 insertions(+), 20 deletions(-)

diff --git a/.github/workflows/lint-test-charts.yml b/.github/workflows/lint-test-charts.yml
index 9623456a..ff993a7e 100644
--- a/.github/workflows/lint-test-charts.yml
+++ b/.github/workflows/lint-test-charts.yml
@@ -34,8 +34,6 @@ jobs:
       - name: Helm registry login
         run: |
           helm registry login ghcr.io/scroll-tech/helm/scroll-sdk --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }}
-        env:
-          HELM_GITHUB_PASSWORD: "${{ secrets.HELM_GITHUB_PASSWORD }}"
 
       - name: Run chart-testing (list-changed)
         id: list-changed
diff --git a/.github/workflows/publish-chart.yaml b/.github/workflows/publish-chart.yaml
index a49e5749..de135e43 100644
--- a/.github/workflows/publish-chart.yaml
+++ b/.github/workflows/publish-chart.yaml
@@ -33,8 +33,6 @@ jobs:
       - name: Helm registry login
         run: |
           helm registry login ghcr.io/scroll-tech/helm/scroll-sdk --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }}
-        env:
-          HELM_GITHUB_PASSWORD: "${{ secrets.HELM_GITHUB_PASSWORD }}"
 
       #  List chart change except scroll-sdk
       - name: Run chart-testing (list-changed)
@@ -73,8 +71,6 @@ jobs:
       - name: Helm registry login
         run: |
           helm registry login ghcr.io/scroll-tech/helm/scroll-sdk --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }}
-        env:
-          HELM_GITHUB_PASSWORD: "${{ secrets.HELM_GITHUB_PASSWORD }}"
 
         # We filter here the scroll-sdk chart
       - name: Push chart to ghcr
@@ -134,8 +130,6 @@ jobs:
       - name: Helm registry login
         run: |
           helm registry login ghcr.io/scroll-tech/helm/scroll-sdk --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }}
-        env:
-          HELM_GITHUB_PASSWORD: "${{ secrets.HELM_GITHUB_PASSWORD }}"
 
       #  List scroll-sdk chart if it has changed
       - name: Run chart-testing (list-changed)
@@ -174,8 +168,6 @@ jobs:
       - name: Helm registry login
         run: |
           helm registry login ghcr.io/scroll-tech/helm/scroll-sdk --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }}
-        env:
-          HELM_GITHUB_PASSWORD: "${{ secrets.HELM_GITHUB_PASSWORD }}"
 
       - name: Push chart to ghcr
         if: steps.filter.outputs.addedOrModified == 'true'
diff --git a/.github/workflows/publish-dev-chart.yaml b/.github/workflows/publish-dev-chart.yaml
index 49f6be07..4946acd1 100644
--- a/.github/workflows/publish-dev-chart.yaml
+++ b/.github/workflows/publish-dev-chart.yaml
@@ -35,8 +35,6 @@ jobs:
       - name: Helm registry login
         run: |
           helm registry login ghcr.io/scroll-tech/helm/scroll-sdk --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }}
-        env:
-          HELM_GITHUB_PASSWORD: "${{ secrets.HELM_GITHUB_PASSWORD }}"
 
       #  List chart change except scroll-sdk
       - name: Run chart-testing (list-changed)
@@ -74,9 +72,7 @@ jobs:
 
       - name: Helm registry login
         run: |
-          helm registry login ghcr.io/scroll-tech/helm/scroll-sdk --username ${{ github.actor }} --password ${{ secrets.HELM_GITHUB_PASSWORD }}
-        env:
-          HELM_GITHUB_PASSWORD: "${{ secrets.HELM_GITHUB_PASSWORD }}"
+          helm registry login ghcr.io/scroll-tech/helm/scroll-sdk --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }}
 
         # We filter here the scroll-sdk chart
       - name: Push chart to ghcr
@@ -136,8 +132,6 @@ jobs:
       - name: Helm registry login
         run: |
           helm registry login ghcr.io/scroll-tech/helm/scroll-sdk --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }}
-        env:
-          HELM_GITHUB_PASSWORD: "${{ secrets.HELM_GITHUB_PASSWORD }}"
 
       #  List scroll-sdk chart if it has changed
       - name: Run chart-testing (list-changed)
@@ -175,9 +169,7 @@ jobs:
 
       - name: Helm registry login
         run: |
-          helm registry login ghcr.io/scroll-tech/helm/scroll-sdk --username ${{ github.actor }} --password ${{ secrets.HELM_GITHUB_PASSWORD }}
-        env:
-          HELM_GITHUB_PASSWORD: "${{ secrets.HELM_GITHUB_PASSWORD }}"
+          helm registry login ghcr.io/scroll-tech/helm/scroll-sdk --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }}
 
       - name: Replace helm registry by helm/dev
         run: |