add token secret

2026-04-14 11:53:44 +02:00 · 2025-09-23 19:38:20 +02:00
parent 93132c256d
commit eabd59e945
1 changed files with 4 additions and 7 deletions
--- a/.github/workflows/docker-build-push.yml
+++ b/.github/workflows/docker-build-push.yml
@@ -8,23 +8,20 @@ on:
 jobs:
  build-and-push:
    runs-on: ubuntu-latest
-    # DIESER BLOCK IST ENTSCHEIDEND - er wird aber von den Repo-Settings überschrieben, wenn diese zu restriktiv sind.
-    permissions:
-      contents: read
-      packages: write # Notwendig, um in die GHCR zu pushen

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
-          fetch-depth: 0 
+          fetch-depth: 0 # Notwendig, um den Git-Hash zu bekommen

      - name: Log in to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+          # Verwendet Ihr dediziertes Secret für die Authentifizierung
+          password: ${{ secrets.GHC_PUSH }}

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
@@ -43,7 +40,7 @@ jobs:
      - name: Build images using compose.build.yml
        env:
          GIT_COMMIT_SHA: ${{ steps.git_sha.outputs.sha }}
-          SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+          SENTRY_DSN: ${{ secrets.SENTRY_DSN }} # Sentry DSN als Secret übergeben
        run: |
          docker compose -f compose.build.yml build