Complete workflow token migration and pip fixes

Token Migration (GITHUB_TOKEN GH_TOKEN): - Update CI workflow to use GH_TOKEN secret - Update Release workflow to use GH_TOKEN secret - Update Security workflow to use GH_TOKEN secret - Maintain environment variable compatibility - Update token validation messages Pip Installation Improvements: - Add --root-user-action=ignore to all pip commands - Eliminates 'Running pip as root user' warnings - Applied across all workflow jobs consistently - Improves workflow reliability and log cleanliness Affected Workflows: - CI: Fixed token references + pip warnings - Release: Fixed token references + pip warnings - Security: Fixed token references + pip warnings + validation messages Changes Summary: - 3 workflow files updated - 37 insertions, 37 deletions (clean replacements) - Consistent token naming across all workflows - All pip commands now use --root-user-action=ignore flag Benefits: - Gitea-compatible secret naming (GH_TOKEN) - Cleaner workflow logs without pip warnings - Better error handling and validation - Consistent token usage across all pipelines
2025-08-12 16:50:09 +07:00
parent b13a4fe400
commit 505c65f614
3 changed files with 37 additions and 37 deletions
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -14,7 +14,7 @@ env:
  REGISTRY: git.b4l.co.th
  IMAGE_NAME: b4l/northern-thailand-ping-river-monitor
  # GitHub token for better rate limits and authentication
-  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GH_TOKEN: ${{ secrets.GH_TOKEN }}

 jobs:
  # Test job
@@ -44,9 +44,9 @@ jobs:
          
    - name: Install dependencies
      run: |
-        python -m pip install --upgrade pip
-        pip install -r requirements.txt
-        pip install -r requirements-dev.txt
+        python -m pip install --upgrade pip --root-user-action=ignore
+        pip install --root-user-action=ignore -r requirements.txt
+        pip install --root-user-action=ignore -r requirements-dev.txt
        
    - name: Lint with flake8
      run: |
@@ -106,8 +106,8 @@ jobs:
        
    - name: Install dependencies
      run: |
-        python -m pip install --upgrade pip
-        pip install -r requirements-dev.txt
+        python -m pip install --upgrade pip --root-user-action=ignore
+        pip install --root-user-action=ignore -r requirements-dev.txt
        
    - name: Run safety check
      run: |
@@ -167,7 +167,7 @@ jobs:
        cache-from: type=gha
        cache-to: type=gha,mode=max
      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
        
    - name: Test Docker image
      run: |
@@ -205,8 +205,8 @@ jobs:
        
    - name: Install dependencies
      run: |
-        python -m pip install --upgrade pip
-        pip install -r requirements.txt
+        python -m pip install --upgrade pip --root-user-action=ignore
+        pip install --root-user-action=ignore -r requirements.txt
        
    - name: Test with VictoriaMetrics
      env: