From 51dd23de73d6beada13e5dd64280b38ca39823c5 Mon Sep 17 00:00:00 2001
From: Haitao Pan <manbuzhe2009@qq.com>
Date: Fri, 10 Apr 2026 20:37:24 +0800
Subject: [PATCH] fix: log in to ghcr before sbom scan

---
 .github/workflows/pipeline.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
index 20b0495..5401a75 100644
--- a/.github/workflows/pipeline.yml
+++ b/.github/workflows/pipeline.yml
@@ -355,6 +355,13 @@ jobs:
       - name: Check Out Repository
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
+      - name: Log In To GHCR
+        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+        with:
+          registry: ghcr.io
+          username: ${{ vars.GHCR_USERNAME || github.repository_owner }}
+          password: ${{ secrets.GHCR_TOKEN || github.token }}
+
       - name: Validate Deployed Endpoint
         run: bash ./scripts/github-actions/validate-deploy.sh https://accounts.svc.plus