From 266b9b59c2ae2583d4d85ec7795ec62059da1746 Mon Sep 17 00:00:00 2001
From: dev-1 <dev-1@gitea.local>
Date: Sun, 30 Nov 2025 15:47:18 +0530
Subject: [PATCH] Update Push to Registry stage with secure credentials
 handling for DigitalOcean

---
 Jenkinsfile | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index 2569f8a..5172a5b 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -42,10 +42,21 @@ pipeline {
 
         stage('Push to Registry') {
             steps {
-                script {
-                    echo "Pushing images to DigitalOcean..."
-                    sh "docker push ${REGISTRY_URL}/${REPO_NAME}:${BACKEND_TAG}"
-                    sh "docker push ${REGISTRY_URL}/${REPO_NAME}:${FRONTEND_TAG}"
+                // Securely inject the token into the script
+                withCredentials([string(credentialsId: 'do-registry-token', variable: 'DO_TOKEN')]) {
+                    script {
+                        echo "Logging into DigitalOcean Registry..."
+                        
+                        // Explicit Login: Uses the token as both user and password (DO Standard)
+                        sh 'echo $DO_TOKEN | docker login registry.digitalocean.com -u $DO_TOKEN --password-stdin'
+                        
+                        echo "Pushing images..."
+                        sh "docker push ${REGISTRY_URL}/${REPO_NAME}:${BACKEND_TAG}"
+                        sh "docker push ${REGISTRY_URL}/${REPO_NAME}:${FRONTEND_TAG}"
+                        
+                        // Cleanup: Logout to keep the agent secure
+                        sh 'docker logout registry.digitalocean.com'
+                    }
                 }
             }
         }