From dec2fb8e889b5f34d3db11cdb9f580f1ae7b503d Mon Sep 17 00:00:00 2001
From: Artsiom Shamsutdzinau <shamsartem@gmail.com>
Date: Fri, 31 Jan 2025 11:33:20 +0100
Subject: [PATCH] up github actions

---
 .github/workflows/docs.yml    | 25 +++++++++++++++++++++++++
 .github/workflows/pack.yml    | 11 ++++++++++-
 .github/workflows/promote.yml |  2 ++
 3 files changed, 37 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
index bac4fc330..d9d558938 100644
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@@ -16,6 +16,9 @@ env:
 
 jobs:
   docs:
+    permissions:
+      contents: write
+      id-token: write
     env:
       TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
       TURBO_TEAM: ${{ vars.TURBO_TEAM }}
@@ -50,6 +53,28 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-turbo-
 
+      - name: Import secrets
+        uses: hashicorp/vault-action@v3.0.0
+        id: secrets
+        with:
+          url: https://vault.fluence.dev
+          path: jwt/github
+          role: ci
+          method: jwt
+          jwtGithubAudience: "https://github.com/fluencelabs"
+          jwtTtl: 300
+          exportToken: false
+          secrets: |
+            kv/docker-registry/basicauth/ci username | DOCKER_USERNAME ;
+            kv/docker-registry/basicauth/ci password | DOCKER_PASSWORD ;
+
+      - name: Login to private docker registry
+        uses: docker/login-action@v3
+        with:
+          registry: docker.fluence.dev
+          username: ${{ env.DOCKER_USERNAME }}
+          password: ${{ env.DOCKER_PASSWORD }}
+
       - name: Run on each commit
         run: yarn on-each-commit
 
diff --git a/.github/workflows/pack.yml b/.github/workflows/pack.yml
index 5ebdc0398..791ae9e7f 100644
--- a/.github/workflows/pack.yml
+++ b/.github/workflows/pack.yml
@@ -68,7 +68,16 @@ jobs:
           secrets: |
             kv/npm-registry/basicauth/ci token | NODE_AUTH_TOKEN;
             kv/ci/fcli-binaries id | AWS_ACCESS_KEY_ID ;
-            kv/ci/fcli-binaries secret | AWS_SECRET_ACCESS_KEY
+            kv/ci/fcli-binaries secret | AWS_SECRET_ACCESS_KEY ;
+            kv/docker-registry/basicauth/ci username | DOCKER_USERNAME ;
+            kv/docker-registry/basicauth/ci password | DOCKER_PASSWORD ;
+
+      - name: Login to private docker registry
+        uses: docker/login-action@v3
+        with:
+          registry: docker.fluence.dev
+          username: ${{ env.DOCKER_USERNAME }}
+          password: ${{ env.DOCKER_PASSWORD }}
 
       - name: Setup node with self-hosted npm registry
         uses: actions/setup-node@v4
diff --git a/.github/workflows/promote.yml b/.github/workflows/promote.yml
index 4f7b2a5f9..765a14472 100644
--- a/.github/workflows/promote.yml
+++ b/.github/workflows/promote.yml
@@ -18,6 +18,8 @@ on:
 env:
   CI: true
   FORCE_COLOR: true
+  AWS_REGION: "eu-west-1"
+  AWS_S3_FORCE_PATH_STYLE: true
 
 jobs:
   promote: