Use gitea secrets.

.gitea/workflows/release.yml

@@ -9,9 +9,7 @@ on:
     - cron: '0 0 * * 0'
 
 env:
-  USER: chris
+  IMAGE: /docker/nginx-fpm
-  PASS: q',\H(Od:G3).Xv<#!5P
-
 
 jobs:
   Build-and-release-image:
@@ -28,34 +26,34 @@ jobs:
       - name: Log into registry
         uses: docker/login-action@v3
         with:
-          registry: https://cs-git.ddnss.de
+          registry: ${{ secrets.REGISTRY_URL }}
-          username: ${{ env.USER }}
+          username: ${{ secrets.USER }}
-          password: ${{ env.PASS }}
+          password: ${{ secrets.PASS }}
 
       - name: Extract Docker metadata
         id: meta
         uses: docker/metadata-action@v5
         with:
-          images: cs-git.ddnss.de/docker/nginx-fpm
+          images: ${{ secrets.REGISTRY_URL }}${{ env.IMAGE }}
 
       - name: Build and push Docker image
         uses: docker/build-push-action@v4
         env:
           ACTIONS_RUNTIME_TOKEN: ''
         with:
-          tags: cs-git.ddnss.de/docker/nginx-fpm:latest
+          tags: ${{ secrets.REGISTRY_URL }}${{ env.IMAGE }}:latest
           push: true
           
       - name: Scan image
         uses: anchore/scan-action@v6
         id: scan
         with:
-          image: "cs-git.ddnss.de/docker/nginx-fpm:latest"
+          image: ${{ secrets.REGISTRY_URL }}${{ env.IMAGE }}:latest
           fail-build: false
           output-format: table
           severity-cutoff: critical
-          registry-username: ${{ env.USER }}
+          registry-username: ${{ secrets.USER }}
-          registry-password: ${{ env.PASS }}
+          registry-password: ${{ secrets.PASS }}
           grype-version: 'v0.90.0'
       
       - name: Inspect file