r/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: r:44064b636482ca97ee388b7a78204553284ffdea
Branches Tags
r:main
...
compare: r:9f177c61f9dec25fa77dd10ad62f1462f8115cf1
Branches Tags
r:main

2 Commits
44064b6364 ... 9f177c61f9

Author SHA1 Message Date
Robert Helewka
9f177c61f9 Merge pull request 'ci: wire up the builder-image workflow and fix repo layout' (#1) from ci/wire-up-builder-image into main
All checks were successful
build-android-builder-image / build-image (push) Successful in 1m44s
Details
2026-06-16 12:54:14 +00:00
Robert Helewka
2e6cac3d5d ci: use PACKAGE_TOKEN for the registry login 
GITEA_TOKEN is not set in these repos — the registry login sent a blank
password and Gitea's /v2/ endpoint returned unauthorized. Switch the
image-build login, the app template, and the README to PACKAGE_TOKEN, the
PAT the other repos already use (Syrinx pairs gitea.actor + PACKAGE_TOKEN
successfully). The PAT needs write:package here and read:package in app
repos.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
 2026-06-16 08:53:31 -04:00
3 changed files with 7 additions and 6 deletions
Expand all files Collapse all files

2
.gitea/workflows/builder-image.yml
View File

@@ -38,7 +38,7 @@ jobs:
with:
registry: ${{ env.REGISTRY }}
username: ${{ gitea.actor }}
password: ${{ secrets.GITEA_TOKEN }}
password: ${{ secrets.PACKAGE_TOKEN }}
- name: Set up Buildx
uses: docker/setup-buildx-action@v3

9
README.md
View File

@@ -66,7 +66,7 @@ jobs:
image: git.helu.ca/r/android:2026.06
credentials:
username: ${{ gitea.actor }}
password: ${{ secrets.GITEA_TOKEN }}
password: ${{ secrets.PACKAGE_TOKEN }}
```
The build task is selectable: `assembleRelease` (APK, the default) or
@@ -83,9 +83,10 @@ Signing happens at job time; nothing sensitive lives in the repo or the image.
| `KEY_ALIAS` | signing key alias |
| `KEY_PASSWORD` | key password |
`GITEA_TOKEN` needs `write:package` here (to push) and `read:package` in app
repos (to pull). The built-in token usually covers this; if your instance
scopes it tightly, use a PAT.
`PACKAGE_TOKEN` (a PAT, the same secret the other repos here use) needs
`write:package` in this repo (to push the image) and `read:package` in app
repos (to pull it). Set it as a repo or org-level Actions secret. The
built-in `gitea.token` is not used because it isn't scoped for the registry.
## First-run sequencing

2
templates/build.yml
View File

@@ -29,7 +29,7 @@ jobs:
image: git.helu.ca/r/android:2026.06
credentials:
username: ${{ gitea.actor }}
password: ${{ secrets.GITEA_TOKEN }}
password: ${{ secrets.PACKAGE_TOKEN }}
steps:
- name: Checkout
uses: actions/checkout@v4