From 7dd8d7260fdd57419d5efde4a38f16a03e605b57 Mon Sep 17 00:00:00 2001
From: Phillip Wirth <phillip.wirth@dataport.de>
Date: Wed, 12 Mar 2025 15:40:43 +0100
Subject: [PATCH 1/6] test fancy dependency

---
 package-lock.json | 6 ++++--
 package.json      | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 3496ccc602..8382a91253 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -8,7 +8,7 @@
 			"dependencies": {
 				"@braintree/sanitize-url": "^7.1.1",
 				"@ckeditor/ckeditor5-vue": "^5.1.0",
-				"@hpi-schul-cloud/ckeditor": "^1.2.0",
+				"@hpi-schul-cloud/ckeditor": "^0.0.1-4c867f8376b47589cb9696054927d8ba2bec1e21",
 				"@lumieducation/h5p-webcomponents": "^9.2.2",
 				"@vuelidate/core": "^2.0.3",
 				"@vuelidate/validators": "^2.0.4",
@@ -2023,7 +2023,9 @@
 			"license": "MIT"
 		},
 		"node_modules/@hpi-schul-cloud/ckeditor": {
-			"version": "1.2.0",
+			"version": "0.0.1-4c867f8376b47589cb9696054927d8ba2bec1e21",
+			"resolved": "https://npm.pkg.github.com/download/@hpi-schul-cloud/ckeditor/0.0.1-4c867f8376b47589cb9696054927d8ba2bec1e21/b8bc1b765ae9d29931927ae844bbe236de711e5e",
+			"integrity": "sha512-q/DiehCQ/Ly4bIj2ei0WjMUja8F1yK1n7wmNBBoueXIENOncSoHtpPNJwjABpxVsKxYCMrzWL4VWDromfGFt5w==",
 			"license": "AGPL-3.0",
 			"engines": {
 				"node": ">=20",
diff --git a/package.json b/package.json
index 07fe9c6577..fb94b62129 100644
--- a/package.json
+++ b/package.json
@@ -19,7 +19,7 @@
 	"dependencies": {
 		"@braintree/sanitize-url": "^7.1.1",
 		"@ckeditor/ckeditor5-vue": "^5.1.0",
-		"@hpi-schul-cloud/ckeditor": "^1.2.0",
+		"@hpi-schul-cloud/ckeditor": "^0.0.1-4c867f8376b47589cb9696054927d8ba2bec1e21",
 		"@lumieducation/h5p-webcomponents": "^9.2.2",
 		"@vuelidate/core": "^2.0.3",
 		"@vuelidate/validators": "^2.0.4",

From f2ea71b40bebdcc1df1d66a9d4ae4f221a326914 Mon Sep 17 00:00:00 2001
From: Phillip Wirth <phillip.wirth@dataport.de>
Date: Wed, 12 Mar 2025 15:48:50 +0100
Subject: [PATCH 2/6] test test

---
 .github/workflows/push.yml | 1 +
 Dockerfile                 | 8 ++++++++
 2 files changed, 9 insertions(+)

diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
index ca9b6acbd8..4cb7e434ee 100644
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@@ -67,6 +67,7 @@ jobs:
         with:
           build-args: |
             SC_THEME=${{ matrix.tenants }}
+            GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
           context: .
           file: ./Dockerfile
           platforms: linux/amd64
diff --git a/Dockerfile b/Dockerfile
index 7c7da81d10..adec5aab7f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -3,6 +3,14 @@ FROM docker.io/node:22 AS build-stage
 
 WORKDIR /app
 
+ARG GITHUB_TOKEN=""
+
+# Write the .npmrc file only if GITHUB_TOKEN is provided
+# you always need a token to access githubs npm registry
+RUN if [ -n "$GITHUB_TOKEN" ]; then \
+      echo "//npm.pkg.github.com/:_authToken=${GITHUB_TOKEN}" > ~/.npmrc; \
+    fi
+
 COPY package.json package-lock.json ./
 RUN npm ci --ignore-scripts
 

From e5af232e6649abef74fa0132222ae04aff3f99b9 Mon Sep 17 00:00:00 2001
From: Phillip Wirth <phillip.wirth@dataport.de>
Date: Wed, 12 Mar 2025 17:50:40 +0100
Subject: [PATCH 3/6] clean clean

---
 .github/workflows/push.yml |  3 ++-
 Dockerfile                 | 18 +++++++++---------
 2 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
index 4cb7e434ee..3c75fb3c70 100644
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@@ -67,7 +67,8 @@ jobs:
         with:
           build-args: |
             SC_THEME=${{ matrix.tenants }}
-            GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
+          secrets: |
+            'github_token=${{ secrets.GITHUB_TOKEN }}'
           context: .
           file: ./Dockerfile
           platforms: linux/amd64
diff --git a/Dockerfile b/Dockerfile
index adec5aab7f..075435599a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -3,16 +3,16 @@ FROM docker.io/node:22 AS build-stage
 
 WORKDIR /app
 
-ARG GITHUB_TOKEN=""
-
-# Write the .npmrc file only if GITHUB_TOKEN is provided
-# you always need a token to access githubs npm registry
-RUN if [ -n "$GITHUB_TOKEN" ]; then \
-      echo "//npm.pkg.github.com/:_authToken=${GITHUB_TOKEN}" > ~/.npmrc; \
-    fi
-
 COPY package.json package-lock.json ./
-RUN npm ci --ignore-scripts
+
+# Write the .npmrc file only if the GitHub token is provided
+# A token is always required to access GitHub's npm registry
+RUN --mount=type=secret,id=github_token \
+    if [ -f /run/secrets/GIT_AUTH_TOKEN ]; then \
+        echo "//npm.pkg.github.com/:_authToken=$(cat /run/secrets/GIT_AUTH_TOKEN)" > ~/.npmrc; \
+    fi && \
+    npm ci --ignore-scripts && \
+    rm -f ~/.npmrc
 
 COPY babel.config.js eslint.config.js LICENSE.md .prettierrc.js tsconfig.json tsconfig.build.json .prettierignore ./
 COPY lib/eslint-plugin-schulcloud ./lib/eslint-plugin-schulcloud

From 16a4288f7ed34aa4b470f41c2cbef1dcd3b86586 Mon Sep 17 00:00:00 2001
From: Phillip Wirth <phillip.wirth@dataport.de>
Date: Wed, 12 Mar 2025 17:52:39 +0100
Subject: [PATCH 4/6] clean clean

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 075435599a..7ea16aea12 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -7,7 +7,7 @@ COPY package.json package-lock.json ./
 
 # Write the .npmrc file only if the GitHub token is provided
 # A token is always required to access GitHub's npm registry
-RUN --mount=type=secret,id=github_token \
+RUN --mount=type=secret,id=GIT_AUTH_TOKEN \
     if [ -f /run/secrets/GIT_AUTH_TOKEN ]; then \
         echo "//npm.pkg.github.com/:_authToken=$(cat /run/secrets/GIT_AUTH_TOKEN)" > ~/.npmrc; \
     fi && \

From 239bda1af323cb42b9bec1cf9eba26325d58a83a Mon Sep 17 00:00:00 2001
From: Phillip Wirth <phillip.wirth@dataport.de>
Date: Wed, 12 Mar 2025 17:59:46 +0100
Subject: [PATCH 5/6] clean clean

---
 .github/workflows/push.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
index 3c75fb3c70..1072457fe4 100644
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@@ -68,7 +68,7 @@ jobs:
           build-args: |
             SC_THEME=${{ matrix.tenants }}
           secrets: |
-            'github_token=${{ secrets.GITHUB_TOKEN }}'
+            GIT_AUTH_TOKEN=${{ github.token }}
           context: .
           file: ./Dockerfile
           platforms: linux/amd64

From 11a145446189f18e205aacb9b423ed986335d1de Mon Sep 17 00:00:00 2001
From: Phillip Wirth <phillip.wirth@dataport.de>
Date: Thu, 13 Mar 2025 12:52:03 +0100
Subject: [PATCH 6/6] added comment

---
 .github/workflows/push.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
index 1072457fe4..f0d2722736 100644
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@@ -67,6 +67,7 @@ jobs:
         with:
           build-args: |
             SC_THEME=${{ matrix.tenants }}
+          # this is only needed when using the github registry
           secrets: |
             GIT_AUTH_TOKEN=${{ github.token }}
           context: .