ci(docker): add support for Gitea registry and update permissions

Update the docker-build workflow to support both GitHub Container Registry and Gitea by dynamically determining the registry URL based on the server URL. Added explicit permissions for package writing and implemented conditional login steps to handle GitHub and Gitea authentication differently.
2026-06-03 23:12:56 +00:00 · 2026-05-07 09:47:56 +02:00
parent 3d21aef323
commit b7d86ad5f8
1 changed files with 25 additions and 5 deletions
@@ -8,9 +8,13 @@ on:
    branches: [main]

 env:
-  REGISTRY: ghcr.io
+  REGISTRY: ${{ github.server_url == 'https://github.com' && 'ghcr.io' || format('{0}/v2', github.server_url) }}
  IMAGE_PREFIX: ${{ github.repository }}

+permissions:
+  contents: read
+  packages: write
+
 jobs:
  build-backend:
    runs-on: ubuntu-latest
@@ -20,14 +24,22 @@ jobs:
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

-      - name: Log in to registry (push only)
-        if: github.event_name == 'push'
+      - name: Log in to registry (push only) - GitHub
+        if: github.event_name == 'push' && github.server_url == 'https://github.com'
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

+      - name: Log in to registry (push only) - Gitea
+        if: github.event_name == 'push' && github.server_url != 'https://github.com'
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ secrets.GITEA_USERNAME || github.actor }}
+          password: ${{ secrets.GITEA_TOKEN || secrets.GITHUB_TOKEN }}
+
      - name: Extract metadata
        id: meta
        uses: docker/metadata-action@v5
@@ -57,14 +69,22 @@ jobs:
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

-      - name: Log in to registry (push only)
-        if: github.event_name == 'push'
+      - name: Log in to registry (push only) - GitHub
+        if: github.event_name == 'push' && github.server_url == 'https://github.com'
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

+      - name: Log in to registry (push only) - Gitea
+        if: github.event_name == 'push' && github.server_url != 'https://github.com'
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ secrets.GITEA_USERNAME || github.actor }}
+          password: ${{ secrets.GITEA_TOKEN || secrets.GITHUB_TOKEN }}
+
      - name: Extract metadata
        id: meta
        uses: docker/metadata-action@v5