This was generated by AI during triage.
Bug Report: Docker CI fails on forked PRs without registry secrets
Describe the bug
The build-docker CI job runs on pull_request events and always attempts to log in to the private registry using secrets.CI_REGISTRY_USER and secrets.CI_REGISTRY_PASSWORD. For pull requests opened from forks, GitHub does not expose repository secrets, so the Docker login step receives empty credentials and fails with Username and password required.
To Reproduce
Steps to reproduce the behavior:
- Open a pull request from a fork into
beeper/line.
- Wait for the
CI / build-docker (pull_request) check to run.
- Observe the
Login to registry step fail before the Docker build starts.
Expected behavior
Forked pull requests should not fail CI because private registry secrets are unavailable. The Docker registry login/push job should only run when secrets are available, such as same-repository PRs or pushes.
Screenshots or logs
The failing step reports:
Error: Username and password required
Additional context
The regular Go build and lint checks are sufficient to validate forked PR code. Docker image publishing requires private credentials and should be skipped for forked PRs.
Bug Report: Docker CI fails on forked PRs without registry secrets
Describe the bug
The
build-dockerCI job runs onpull_requestevents and always attempts to log in to the private registry usingsecrets.CI_REGISTRY_USERandsecrets.CI_REGISTRY_PASSWORD. For pull requests opened from forks, GitHub does not expose repository secrets, so the Docker login step receives empty credentials and fails withUsername and password required.To Reproduce
Steps to reproduce the behavior:
beeper/line.CI / build-docker (pull_request)check to run.Login to registrystep fail before the Docker build starts.Expected behavior
Forked pull requests should not fail CI because private registry secrets are unavailable. The Docker registry login/push job should only run when secrets are available, such as same-repository PRs or pushes.
Screenshots or logs
The failing step reports:
Additional context
The regular Go build and lint checks are sufficient to validate forked PR code. Docker image publishing requires private credentials and should be skipped for forked PRs.