From 7e320c08d995ad054d7f54694b59ffbbe632629f Mon Sep 17 00:00:00 2001
From: Marc Mintel <marc@mintel.me>
Date: Wed, 4 Mar 2026 09:59:30 +0100
Subject: [PATCH] ci: fix registry authentication by using NPM_TOKEN explicitly

---
 .gitea/workflows/deploy.yml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml
index 9c15224..481a62c 100644
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -281,7 +281,7 @@ jobs:
         with:
           registry: git.infra.mintel.me
           username: ${{ github.repository_owner }}
-          password: ${{ steps.prep_token.outputs.token }}
+          password: ${{ secrets.NPM_TOKEN }}
 
       - name: 🏗️ Build and Push
         uses: docker/build-push-action@v5
@@ -294,12 +294,12 @@ jobs:
             NEXT_PUBLIC_BASE_URL=${{ needs.prepare.outputs.next_public_url }}
             NEXT_PUBLIC_TARGET=${{ needs.prepare.outputs.target }}
             DIRECTUS_URL=${{ needs.prepare.outputs.directus_url }}
-            NPM_TOKEN=${{ steps.prep_token.outputs.token }}
+            NPM_TOKEN=${{ secrets.NPM_TOKEN }}
           tags: git.infra.mintel.me/mmintel/mintel.me:${{ needs.prepare.outputs.image_tag }}
           cache-from: type=registry,ref=git.infra.mintel.me/mmintel/mintel.me:buildcache
           cache-to: type=registry,ref=git.infra.mintel.me/mmintel/mintel.me:buildcache,mode=max
           secrets: |
-            NPM_TOKEN=${{ steps.prep_token.outputs.token }}
+            NPM_TOKEN=${{ secrets.NPM_TOKEN }}
 
       - name: 🚨 Extract Build Error Logs
         if: failure()
@@ -310,13 +310,13 @@ jobs:
           chmod 600 ~/.ssh/id_ed25519
           ssh-keyscan -H alpha.mintel.me >> ~/.ssh/known_hosts 2>/dev/null
           echo "Re-running docker build with plain progress to capture exact logs..."
-          echo "${{ steps.prep_token.outputs.token }}" | docker login git.infra.mintel.me -u "${{ github.repository_owner }}" --password-stdin > login.log 2>&1
-          echo "${{ steps.prep_token.outputs.token }}" > /tmp/npm_token.txt
+          echo "${{ secrets.NPM_TOKEN }}" | docker login git.infra.mintel.me -u "${{ github.repository_owner }}" --password-stdin > login.log 2>&1
+          echo "${{ secrets.NPM_TOKEN }}" > /tmp/npm_token.txt
           docker build \
              --build-arg NEXT_PUBLIC_BASE_URL=${{ needs.prepare.outputs.next_public_url }} \
              --build-arg NEXT_PUBLIC_TARGET=${{ needs.prepare.outputs.target }} \
              --build-arg DIRECTUS_URL=${{ needs.prepare.outputs.directus_url }} \
-             --build-arg NPM_TOKEN=${{ steps.prep_token.outputs.token }} \
+             --build-arg NPM_TOKEN=${{ secrets.NPM_TOKEN }} \
              --secret id=NPM_TOKEN,src=/tmp/npm_token.txt \
              --progress plain \
              -t temp-image . > docker_build_failed.log 2>&1