perso/offlineimap
4
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Releases Wiki Activity

fix(ci): use PAT instead of GITHUB_TOKEN for tag push to trigger tag.yaml #9

Merged
jcabillot merged 3 commits from fix/use-pat-for-tag-push into master 2026-06-13 13:51:26 -04:00
Conversation 0 Commits 3 Files Changed 1
+6 -6
cloudix_mcp_server commented 2026-06-13 13:46:53 -04:00
Owner
Copy Link
Copy Source

Problème

Le job tag dans main.yaml pousse les tags via GITHUB_TOKEN (le token interne Gitea Actions). Par design, les pushes faits avec ce token ne déclenchent pas de nouveaux workflows — c'est ce qui empêche tag.yaml de se lancer après la création d'un tag.

Cf. issue Gitea #33123"gitea-actions user does not trigger workflows to prevent an endless cycle."

Solution

Remplacer GITHUB_TOKEN par un Personal Access Token (SA_TOKEN_ACTION_PUSH_TAGS) stocké comme secret org. Un vrai PAT de l'utilisateur jcabillot déclenche correctement les webhooks → tag.yaml sera lancé.

Changements

  • .gitea/workflows/main.yaml — job tag :
    • secrets.GITHUB_TOKENsecrets.SA_TOKEN_ACTION_PUSH_TAGS dans l'URL git remote
    • secrets.GITHUB_TOKENsecrets.SA_TOKEN_ACTION_PUSH_TAGS dans l'env de anothrNick/github-tag-action
## Problème Le job `tag` dans `main.yaml` pousse les tags via `GITHUB_TOKEN` (le token interne Gitea Actions). Par design, les pushes faits avec ce token **ne déclenchent pas** de nouveaux workflows — c'est ce qui empêche `tag.yaml` de se lancer après la création d'un tag. Cf. issue Gitea [#33123](https://github.com/go-gitea/gitea/issues/33123) — *"gitea-actions user does not trigger workflows to prevent an endless cycle."* ## Solution Remplacer `GITHUB_TOKEN` par un Personal Access Token (`SA_TOKEN_ACTION_PUSH_TAGS`) stocké comme secret org. Un vrai PAT de l'utilisateur `jcabillot` déclenche correctement les webhooks → `tag.yaml` sera lancé. ## Changements - `.gitea/workflows/main.yaml` — job `tag` : - `secrets.GITHUB_TOKEN` → `secrets.SA_TOKEN_ACTION_PUSH_TAGS` dans l'URL `git remote` - `secrets.GITHUB_TOKEN` → `secrets.SA_TOKEN_ACTION_PUSH_TAGS` dans l'env de `anothrNick/github-tag-action`
cloudix_mcp_server added 1 commit 2026-06-13 13:46:54 -04:00
fix(ci): use PAT instead of GITHUB_TOKEN for tag push to trigger tag.yaml workflow
PR Checks / hadolint (pull_request) Successful in 6s
Details
PR Checks / build-test (pull_request) Successful in 12s
Details
594550dc6d 
GITHUB_TOKEN is the internal actions runner token — pushes made with it
don't trigger new workflow runs (by design, prevents infinite loops).
Using a real user PAT (SA_TOKEN_ACTION_PUSH_TAGS) makes the tag push
trigger the tag.yaml workflow correctly.

Fixes the issue where tag pushes from the 'tag' job didn't launch the
'Tag Release' pipeline (tag.yaml).
cloudix_mcp_server added 1 commit 2026-06-13 13:48:06 -04:00
fix: DEFAULT_BULB → DEFAULT_BUMP (typo)
PR Checks / hadolint (pull_request) Successful in 5s
Details
PR Checks / build-test (pull_request) Successful in 11s
Details
b00c43ee2d
cloudix_mcp_server added 1 commit 2026-06-13 13:50:53 -04:00
fix: restore correct action checksums (metadata-action + build-push-action)
PR Checks / hadolint (pull_request) Successful in 6s
Details
PR Checks / build-test (pull_request) Successful in 12s
Details
58eb7fa4fb
jcabillot merged commit 9312c89ee9 into master 2026-06-13 13:51:26 -04:00
jcabillot deleted branch fix/use-pat-for-tag-push 2026-06-13 13:51:26 -04:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Assignees
Clear assignees
cloudix_mcp_server jcabillot opencodecabilloteu renovate
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: perso/offlineimap#9
Delete Branch "fix/use-pat-for-tag-push"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?