From f4a9e21169e399422f0651ae9dacaefbe1bfa9f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20Andr=C3=A9?= Date: Thu, 2 Apr 2026 16:37:23 +0200 Subject: [PATCH] Use oauth token for accessing quay API We need a separate OAUTH token to access quay's API, that is different from the account password. --- .github/workflows/container_image.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/container_image.yaml b/.github/workflows/container_image.yaml index 0673adb5f..5a6911304 100644 --- a/.github/workflows/container_image.yaml +++ b/.github/workflows/container_image.yaml @@ -37,11 +37,11 @@ jobs: - name: Set expiration on commit image env: - QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }} # zizmor: ignore[secrets-outside-env] + QUAY_OAUTH_TOKEN: ${{ secrets.QUAY_OAUTH_TOKEN }} # zizmor: ignore[secrets-outside-env] run: | EXPIRATION=$(($(date -u +%s) + 2419200)) curl -sf -X PUT \ - -H "Authorization: Bearer ${QUAY_TOKEN}" \ + -H "Authorization: Bearer ${QUAY_OAUTH_TOKEN}" \ -H "Content-Type: application/json" \ -d "{\"expiration\": $EXPIRATION}" \ "https://quay.io/api/v1/repository/orc/openstack-resource-controller/tag/commit-${GITHUB_SHA::7}"