fix(ci): use docker login --password-stdin (bypass login-action@v3)

docker/login-action@v3 kept emitting "malformed HTTP Authorization header" against a fresh, known-good dckr_pat_* token (verified by direct curl against hub.docker.com/v2/users/login). Replacing with `docker login --password-stdin` — Docker's documented credential ingestion path — sidesteps whatever encoding the action injects. Refs #794. Co-Authored-By: claude-flow <ruv@ruv.net>
2026-05-25 15:42:40 -04:00 · 2026-05-25 15:42:40 -04:00 · c7488aeb7f
parent 2154b6931c
commit c7488aeb7f
1 changed files with 10 additions and 5 deletions
--- a/.github/workflows/sensing-server-docker.yml
+++ b/.github/workflows/sensing-server-docker.yml
@ -61,11 +61,16 @@ jobs:
      - uses: docker/setup-buildx-action@v3

      - name: Log in to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          registry: docker.io
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
+        # Bypassing docker/login-action@v3: the action kept emitting
+        # "malformed HTTP Authorization header" against a known-good
+        # dckr_pat_* token (verified by direct curl against the Hub API).
+        # `docker login --password-stdin` is the documented credential
+        # path and avoids whatever encoding step the action injects.
+        env:
+          DH_USER: ${{ secrets.DOCKERHUB_USERNAME }}
+          DH_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
+        run: |
+          printf '%s' "$DH_TOKEN" | docker login docker.io -u "$DH_USER" --password-stdin

      - name: Log in to ghcr.io
        uses: docker/login-action@v3