name: Build with Kaniko (PAT Auth)

on:
  push:
    branches: [ main ]
  workflow_dispatch:

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Build and Push
        uses: docker://gcr.io/kaniko-project/executor:v1.23.2-debug
        with:
          entrypoint: /busybox/sh
          args: >-
            -c
            "
            echo '正在生成认证信息 (使用 PAT)...' &&
            
            # === 重点修改在这里 ===
            # 将 secrets.GITHUB_TOKEN 换成了 secrets.PACKAGES_TOKEN
            echo '{\"auths\":{\"gitea-http.gitea.svc.cluster.local:3000\":{\"username\":\"${{ gitea.actor }}\",\"password\":\"${{ secrets.PACKAGES_TOKEN }}\"}}}' > /kaniko/.docker/config.json &&
            
            echo '认证文件已生成，开始构建...' &&
            
            /kaniko/executor \
              --context=. \
              --dockerfile=Dockerfile \
              --destination=gitea-http.gitea.svc.cluster.local:3000/${{ gitea.actor }}/my-docs:latest \
              --destination=gitea-http.gitea.svc.cluster.local:3000/${{ gitea.actor }}/my-docs:${{ github.sha }} \
              --insecure \
              --skip-tls-verify \
              --cache=true
            "