Skip to content

Commit

Permalink
Use job token where possible
Browse files Browse the repository at this point in the history
It's possible if you set permissions packages:write
and specify the image name explicitly
  • Loading branch information
mering committed Oct 31, 2023
1 parent ad8b5cc commit 6abd1b1
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 11 deletions.
15 changes: 9 additions & 6 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,9 @@ on:
pull_request:
branches: [ main ]
concurrency: testing
permissions:
contents: read
packages: write
jobs:
add_temp_pkgs1:
name: Add temporary packages for testing
Expand All @@ -21,7 +24,7 @@ jobs:
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: lower case repository
id: lower_case_repository
Expand Down Expand Up @@ -54,7 +57,7 @@ jobs:
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: lower case repository
id: lower_case_repository
Expand All @@ -80,12 +83,12 @@ jobs:
- uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to GitHub Container Registry with PAT_TOKEN
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.PAT_TOKEN }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: ./
with:
token: ${{ secrets.PAT_TOKEN }}
Expand Down Expand Up @@ -118,7 +121,7 @@ jobs:
- uses: actions/checkout@v3
- uses: ./
with:
token: ${{ secrets.PAT_TOKEN }}
token: ${{ secrets.GITHUB_TOKEN }}
repository_owner: ${{ github.repository_owner }}
repository: ${{ github.repository }}
package_name: ${{ github.repository }}/p1
Expand Down
10 changes: 5 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -129,7 +129,7 @@ delete all / untagged ghcr containers in a repository
- name: Delete all containers from package without tags
uses: Chizkiyahu/delete-untagged-ghcr-action@v2
with:
token: ${{ secrets.PAT_TOKEN }}
token: ${{ github.token }}
repository_owner: ${{ github.repository_owner }}
repository: ${{ github.repository }}
package_name: the-package-name
Expand All @@ -145,12 +145,12 @@ delete all / untagged ghcr containers in a repository
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.PAT_TOKEN }}
username: ${{ github.repository_owner }}
password: ${{ github.token }}
- name: Delete all containers from package without tags
uses: Chizkiyahu/delete-untagged-ghcr-action@v2
with:
token: ${{ secrets.PAT_TOKEN }}
token: ${{ github.token }}
repository_owner: ${{ github.repository_owner }}
repository: ${{ github.repository }}
package_name: the-package-name
Expand All @@ -164,7 +164,7 @@ delete all / untagged ghcr containers in a repository
- name: Delete all containers from package
uses: Chizkiyahu/delete-untagged-ghcr-action@v2
with:
token: ${{ secrets.PAT_TOKEN }}
token: ${{ github.token }}
repository_owner: ${{ github.repository_owner }}
repository: ${{ github.repository }}
package_name: the-package-name
Expand Down

0 comments on commit 6abd1b1

Please sign in to comment.