From fa5456c2b81fc41da4294c5789b9eb7f2cf46c0d Mon Sep 17 00:00:00 2001
From: Echo <echo@moon-dragon.us>
Date: Fri, 24 Apr 2026 02:54:18 +0000
Subject: [PATCH] ci: Use GITEA_TOKEN fallback for API archive checkout

- GITHUB_TOKEN may not be injected in linux:host mode
- Use GITEA_TOKEN from runner environment as fallback
- API archive download with Authorization header is proven working
- Added GITEA_TOKEN to act-runner systemd service environment
---
 .gitea/workflows/build.yml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml
index 7b0b43c..28452c8 100644
--- a/.gitea/workflows/build.yml
+++ b/.gitea/workflows/build.yml
@@ -23,9 +23,10 @@ jobs:
 
       - name: Checkout repository
         run: |
-          # Use Gitea API archive download (avoids git auth issues with private repos)
-          # Token auth works reliably in HTTP headers, not in git URLs
-          curl -sf -H "Authorization: token ${GITHUB_TOKEN}" \
+          # Use Gitea API archive download with token auth
+          # GITHUB_TOKEN may not be injected in linux:host mode; fall back to GITEA_TOKEN
+          TOKEN="${GITHUB_TOKEN:-$GITEA_TOKEN}"
+          curl -sf -H "Authorization: token ${TOKEN}" \
             "http://192.168.2.189:3000/api/v1/repos/${GITHUB_REPOSITORY}/archive/${GITHUB_SHA}.tar.gz" \
             -o repo.tar.gz
           tar xzf repo.tar.gz --strip-components=1