Skip to content

Commit

Permalink
Fix Gitpod: Gitea auth token creation (#3299)
Browse files Browse the repository at this point in the history 
The Gitea CLI `generate-access-token` has updated the OAuth scopes and
[posts some warning to the STDOUT when creating a
token](go-gitea/gitea#28758):

```
.../setting/security.go:168:loadSecurityFrom() [W] Enabling Query API Auth tokens is not recommended. DISABLE_QUERY_AUTH_TOKEN will default to true in gitea 1.23 and will be removed in gitea 1.24.
0adftokenblablubb
```

When logging in to the Gitpod Gitea instance from Woodpecker, I get an
error:

![Authorization failed: Client ID not
registered](https://github.com/woodpecker-ci/woodpecker/assets/7630662/bd28a661-d46e-4691-aff7-a25d64f8e7ce)

This PR fixes the problems leading you to a dialogue authorizing
Woodpecker after logging in to Gitea.

---------

Co-authored-by: Patrick Schratz <patrick.schratz@gmail.com>
  • Loading branch information
@HerHde @pat-s
HerHde and pat-s authored Jan 30, 2024
1 parent 9df572e commit 8429811
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion .gitpod.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,10 +42,11 @@ tasks:
$DOCKER_COMPOSE_CMD up -d
until curl --output /dev/null --silent --head --fail http://localhost:3000; do printf '.'; sleep 1; done
$GITEA_CLI_CMD admin user create --username woodpecker --password password --email woodpecker@localhost --admin
export GITEA_TOKEN=$($GITEA_CLI_CMD admin user generate-access-token -u woodpecker --scopes repo,write:application --raw)
export GITEA_TOKEN=$($GITEA_CLI_CMD admin user generate-access-token -u woodpecker --scopes write:repository,write:user --raw | tail -n 1 | awk 'NF{ print $NF }')
GITEA_OAUTH_APP=$(curl -X 'POST' 'http://localhost:3000/api/v1/user/applications/oauth2' \
-H 'accept: application/json' -H 'Content-Type: application/json' -H "Authorization: token ${GITEA_TOKEN}" \
-d "{ \"name\": \"Woodpecker CI\", \"confidential_client\": true, \"redirect_uris\": [ \"https://8000-${GITPOD_WORKSPACE_ID}.${GITPOD_WORKSPACE_CLUSTER_HOST}/authorize\" ] }")
touch .env
grep "WOODPECKER_GITEA_CLIENT=" .env \
&& sed "s,^WOODPECKER_GITEA_CLIENT=.*,WOODPECKER_GITEA_CLIENT=$(echo $GITEA_OAUTH_APP | jq -r .client_id)," .env \
|| echo WOODPECKER_GITEA_CLIENT=$(echo $GITEA_OAUTH_APP | jq -r .client_id) >> .env
Expand Down

0 comments on commit 8429811

Please sign in to comment.