Skip to content
This repository was archived by the owner on Nov 24, 2025. It is now read-only.

Commit a0adc6f

Browse files
JeroenKnoopsJeroenKnoops
authored
Merge pull request #262 from GergelyMincsovicsPhilips/main
change secrets.GITHUB_TOKEN to github.token in the readme
2 parents 7867df5 + 53a77c8 commit a0adc6f

File tree

1 file changed

+8
-8
lines changed

1 file changed

+8
-8
lines changed

README.md

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -188,7 +188,7 @@ This action is a `docker` action.
188188
push-branches: main develop
189189
env:
190190
REGISTRY_USERNAME: ${{ github.actor }}
191-
REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }}
191+
REGISTRY_TOKEN: ${{ github.token }}
192192
REGISTRY_URL: ghcr.io/organization-here
193193
GITHUB_ORGANIZATION: organization-here
194194
```
@@ -224,7 +224,7 @@ Store the content of `cosign.pub`, `cosign.key` and the password in GitHub Secre
224224
sign: true
225225
env:
226226
REGISTRY_USERNAME: ${{ github.actor }}
227-
REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }}
227+
REGISTRY_TOKEN: ${{ github.token }}
228228
REGISTRY_URL: ghcr.io/organization-here
229229
GITHUB_ORGANIZATION: organization-here
230230
COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
@@ -266,7 +266,7 @@ Now you can start signing and adding the attestations without using keys.
266266
slsa: true
267267
env:
268268
REGISTRY_USERNAME: ${{ github.actor }}
269-
REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }}
269+
REGISTRY_TOKEN: ${{ github.token }}
270270
REGISTRY_URL: ghcr.io/organization-here
271271
GITHUB_ORGANIZATION: organization-here
272272
KEYLESS: true
@@ -301,7 +301,7 @@ This is an example: [signature test-docker-ci-scripts image](https://search.sigs
301301
slsa-provenance: true
302302
env:
303303
REGISTRY_USERNAME: ${{ github.actor }}
304-
REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }}
304+
REGISTRY_TOKEN: ${{ github.token }}
305305
REGISTRY_URL: ghcr.io/organization-here
306306
GITHUB_ORGANIZATION: organization-here
307307
- name: Show provenance
@@ -326,7 +326,7 @@ the COSIGN environment variables. (see #sign how to generate the key-pair)
326326
sign: true
327327
env:
328328
REGISTRY_USERNAME: ${{ github.actor }}
329-
REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }}
329+
REGISTRY_TOKEN: ${{ github.token }}
330330
REGISTRY_URL: ghcr.io/organization-here
331331
GITHUB_ORGANIZATION: organization-here
332332
COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
@@ -357,7 +357,7 @@ You can inspect the provenance and decide on whether you want use the image.
357357
sbom: true
358358
env:
359359
REGISTRY_USERNAME: ${{ github.actor }}
360-
REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }}
360+
REGISTRY_TOKEN: ${{ github.token }}
361361
REGISTRY_URL: ghcr.io/organization-here
362362
GITHUB_ORGANIZATION: organization-here
363363
- name: Show SBOM
@@ -382,7 +382,7 @@ the COSIGN environment variables. (see #sign how to generate the key-pair)
382382
sign: true
383383
env:
384384
REGISTRY_USERNAME: ${{ github.actor }}
385-
REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }}
385+
REGISTRY_TOKEN: ${{ github.token }}
386386
REGISTRY_URL: ghcr.io/organization-here
387387
GITHUB_ORGANIZATION: organization-here
388388
COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
@@ -414,7 +414,7 @@ the COSIGN environment variables. (see #sign how to generate the key-pair)
414414
slsa-provenance: true
415415
env:
416416
REGISTRY_USERNAME: ${{ github.actor }}
417-
REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }}
417+
REGISTRY_TOKEN: ${{ github.token }}
418418
REGISTRY_URL: ghcr.io/organization-here
419419
GITHUB_ORGANIZATION: organization-here
420420
COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}

0 commit comments

Comments
 (0)