Configure DVC credentials explicitly in CI/CD pipeline

DVC needs credentials to be configured via 'dvc remote modify' command
rather than just environment variables. This fixes 403 Forbidden errors
when accessing MinIO/S3 storage.

Changes:
- Added dvc remote modify commands to set access_key_id and secret_access_key
- Applied to both pull and push operations in test and train jobs
- Added .dvc/config.local to .gitignore to prevent credential leaks

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

.gitea/workflows/mlops-pipeline.yml

@@ -35,6 +35,8 @@ jobs:
 
       - name: Setup DVC
         run: |
+          poetry run dvc remote modify minio access_key_id $AWS_ACCESS_KEY_ID
+          poetry run dvc remote modify minio secret_access_key $AWS_SECRET_ACCESS_KEY
           poetry run dvc remote list
           poetry run dvc pull || echo "DVC pull failed, continuing..."
         env:
@@ -79,6 +81,8 @@ jobs:
 
       - name: Setup DVC
         run: |
+          poetry run dvc remote modify minio access_key_id $AWS_ACCESS_KEY_ID
+          poetry run dvc remote modify minio secret_access_key $AWS_SECRET_ACCESS_KEY
           poetry run dvc remote list
           poetry run dvc pull || echo "DVC pull failed, continuing..."
         env:
@@ -94,6 +98,8 @@ jobs:
 
       - name: Push DVC changes
         run: |
+          poetry run dvc remote modify minio access_key_id $AWS_ACCESS_KEY_ID
+          poetry run dvc remote modify minio secret_access_key $AWS_SECRET_ACCESS_KEY
           poetry run dvc push || echo "DVC push failed, continuing..."
         env:
           AWS_ACCESS_KEY_ID: ${{ secrets.DVC_ID }}

.gitignore

@@ -5,3 +5,4 @@ data/raw/*
 data/processed/*
 models/*.pkl
 .dvc/cache
+.dvc/config.local