Adding explicit registry authentication to Renovate flow.

2025-10-10 10:15:09 -04:00
parent bab14f0167
commit 2ba42eb035
1 changed files with 39 additions and 7 deletions
@@ -19,15 +19,47 @@ jobs:
      - name: Renovate Run
        env:
          DOCKER_HOST: tcp://dockerproxy:2375
+          RENOVATE_PLATFORM: gitea
+          RENOVATE_ENDPOINT: https://git.trez.wtf/api/v1
+          RENOVATE_TOKEN: ${{ secrets.RENOVATE_BOT_TOKEN }}
+          LOG_LEVEL: ${{ vars.RENOVATE_LOG_LEVEL }}
+          RENOVATE_GITHUB_COM_TOKEN: ${{ secrets.RENOVATE_GITHUB_TOKEN }}
+          RENOVATE_CONFIG_FILE: renovate.json
+          RENOVATE_REPOSITORIES: trez/rinoa-docker
+          RENOVATE_HOST_RULES: |
+            [
+              {
+                "description": "Docker Hub authentication",
+                "hostType": "docker",
+                "matchHost": "docker.io",
+                "username": "${{ secrets.DOCKERHUB_USER }}",
+                "password": "${{ secrets.DOCKERHUB_PASSWORD }}"
+              },
+              {
+                "description": "GitHub Container Registry (GHCR)",
+                "hostType": "docker",
+                "matchHost": "ghcr.io",
+                "username": "${{ secrets.GHCR_USER }}",
+                "password": "${{ secrets.GHCR_LOGIN_TOKEN }}"
+              },
+              {
+                "description": "Self-hosted Gitea Docker Registry",
+                "hostType": "docker",
+                "matchHost": "git.trez.wtf",
+                "username": "${{ secrets.BOT_GITEA_USER }}",
+                "password": "${{ secrets.BOT_GITEA_PASSWORD }}"
+              }
+            ]
        run: |
          docker run --rm \
-            -e RENOVATE_PLATFORM=gitea \
-            -e RENOVATE_ENDPOINT=https://git.trez.wtf/api/v1 \
-            -e RENOVATE_TOKEN=${{ secrets.RENOVATE_BOT_TOKEN }} \
-            -e LOG_LEVEL=${{ vars.RENOVATE_LOG_LEVEL }} \
-            -e RENOVATE_GITHUB_COM_TOKEN=${{ secrets.RENOVATE_GITHUB_TOKEN }} \
-            -e RENOVATE_CONFIG_FILE=renovate.json \
-            -e RENOVATE_REPOSITORIES=trez/rinoa-docker \
+            -e RENOVATE_PLATFORM \
+            -e RENOVATE_ENDPOINT \
+            -e RENOVATE_TOKEN \
+            -e LOG_LEVEL \
+            -e RENOVATE_GITHUB_COM_TOKEN \
+            -e RENOVATE_CONFIG_FILE \
+            -e RENOVATE_REPOSITORIES \
+            -e RENOVATE_HOST_RULES \
            --volumes-from ${{ env.JOB_CONTAINER_NAME }} \
            -w ${GITHUB_WORKSPACE} \
            renovate/renovate:${{ env.RENOVATE_VERSION }}-full