I’m trying to build my Docker image with GitHub action using the official docker/build-push-action action. The action provides secret GIT_AUTH_TOKEN for the build by default but I seem not to be able to use the token to read another private repository from the same organization (install pip package). The same Dockerfile builds fine locally when I provide a working token for the build.
Am I supposed to be able to use the default GIT_AUTH_TOKEN or do I need to retrieve a token from Secrets Manager as we do on Jenkins that I’m trying to get rid of. Thanks for your help!
2
Answers
I also must conclude after further testing and research that the github provided workflow token gives privileges to the current repository only.
You have to generate a different PAT to clone the other repo. Bring that token in as a secret and use it in your workflow to checkout