fix(ci): robust gitea auth token detection, remove failing action token fallback

.gitea/workflows/deploy.yml

@@ -160,8 +160,12 @@ jobs:
           sed -i 's|../at-mintel|./_at-mintel|g' package.json
       - name: 🔐 Registry Auth
         run: |
-          echo "@mintel:registry=https://${{ vars.REGISTRY_HOST || 'npm.infra.mintel.me' }}" > .npmrc
+          TOKEN="${{ secrets.NPM_TOKEN }}"
-          echo "//${{ vars.REGISTRY_HOST || 'npm.infra.mintel.me' }}/:_authToken=${{ secrets.REGISTRY_PASS }}" >> .npmrc
+          if [ -z "$TOKEN" ]; then TOKEN="${{ secrets.MINTEL_PRIVATE_TOKEN }}"; fi
+          if [ -z "$TOKEN" ]; then TOKEN="${{ secrets.GITEA_PAT }}"; fi
+          if [ -z "$TOKEN" ]; then echo "Missing NPM_TOKEN secret! Add it to Gitea repo settings."; exit 1; fi
+          echo "@mintel:registry=https://${{ vars.REGISTRY_HOST || 'git.infra.mintel.me/api/packages/mmintel/npm/' }}" > .npmrc
+          echo "//${{ vars.REGISTRY_HOST || 'git.infra.mintel.me/api/packages/mmintel/npm/' }}:_authToken=${TOKEN}" >> .npmrc
       - name: 🏗️ Compile Sibling Monorepo
         run: |
           cp .npmrc _at-mintel/
@@ -205,8 +209,7 @@ jobs:
           TOKEN="${{ secrets.NPM_TOKEN }}"
           if [ -z "$TOKEN" ]; then TOKEN="${{ secrets.MINTEL_PRIVATE_TOKEN }}"; fi
           if [ -z "$TOKEN" ]; then TOKEN="${{ secrets.GITEA_PAT }}"; fi
-          if [ -z "$TOKEN" ]; then TOKEN="${{ secrets.REGISTRY_PASS }}"; fi
+          if [ -z "$TOKEN" ]; then echo "Missing NPM_TOKEN secret! Add it to Gitea repo settings."; exit 1; fi
-          if [ -z "$TOKEN" ]; then TOKEN="${{ secrets.GITHUB_TOKEN }}"; fi
           echo "token=$TOKEN" >> $GITHUB_OUTPUT
 
       - name: 🔐 Registry Login
@@ -412,12 +415,17 @@ jobs:
           scp docker-compose.yml root@alpha.mintel.me:$SITE_DIR/docker-compose.yml
 
           # Deploy
+          TOKEN="${{ secrets.NPM_TOKEN }}"
+          if [ -z "$TOKEN" ]; then TOKEN="${{ secrets.MINTEL_PRIVATE_TOKEN }}"; fi
+          if [ -z "$TOKEN" ]; then TOKEN="${{ secrets.GITEA_PAT }}"; fi
+          if [ -z "$TOKEN" ]; then echo "Missing NPM_TOKEN secret! Add it to Gitea repo settings."; exit 1; fi
+
           DB_CONTAINER="${{ needs.prepare.outputs.project_name }}-postgres-db-1"
           ssh root@alpha.mintel.me bash <<DEPLOYEOF
           set -e
           docker network create '${{ needs.prepare.outputs.project_name }}-internal' || true
           docker volume create 'mintel-me_payload-db-data' || true
-          echo '${{ secrets.NPM_TOKEN }}' | docker login git.infra.mintel.me -u '${{ github.repository_owner }}' --password-stdin
+          echo '$TOKEN' | docker login git.infra.mintel.me -u '${{ github.repository_owner }}' --password-stdin
           cd $SITE_DIR
           docker compose -p '${{ needs.prepare.outputs.project_name }}' --env-file '$ENV_FILE' pull
           docker compose -p '${{ needs.prepare.outputs.project_name }}' --env-file '$ENV_FILE' up -d --remove-orphans