From 8429811c94f3e9bf62f7ed52dcbbf680c2339dee Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Henrik=20H=C3=BCttemann?= <admin@herh.de>
Date: Tue, 30 Jan 2024 18:39:59 +0100
Subject: [PATCH] Fix Gitpod: Gitea auth token creation (#3299)

The Gitea CLI `generate-access-token` has updated the OAuth scopes and
[posts some warning to the STDOUT when creating a
token](https://github.com/go-gitea/gitea/issues/28758):

```
.../setting/security.go:168:loadSecurityFrom() [W] Enabling Query API Auth tokens is not recommended. DISABLE_QUERY_AUTH_TOKEN will default to true in gitea 1.23 and will be removed in gitea 1.24.
0adftokenblablubb
```

When logging in to the Gitpod Gitea instance from Woodpecker, I get an
error:

![Authorization failed: Client ID not
registered](https://github.com/woodpecker-ci/woodpecker/assets/7630662/bd28a661-d46e-4691-aff7-a25d64f8e7ce)

This PR fixes the problems leading you to a dialogue authorizing
Woodpecker after logging in to Gitea.

---------

Co-authored-by: Patrick Schratz <patrick.schratz@gmail.com>
---
 .gitpod.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.gitpod.yml b/.gitpod.yml
index a4d940a3c..f5615449f 100644
--- a/.gitpod.yml
+++ b/.gitpod.yml
@@ -42,10 +42,11 @@ tasks:
       $DOCKER_COMPOSE_CMD up -d
       until curl --output /dev/null --silent --head --fail http://localhost:3000; do printf '.'; sleep 1; done
       $GITEA_CLI_CMD admin user create --username woodpecker --password password --email woodpecker@localhost --admin
-      export GITEA_TOKEN=$($GITEA_CLI_CMD admin user generate-access-token -u woodpecker --scopes repo,write:application --raw)
+      export GITEA_TOKEN=$($GITEA_CLI_CMD admin user generate-access-token -u woodpecker --scopes write:repository,write:user --raw | tail -n 1 | awk 'NF{ print $NF }')
       GITEA_OAUTH_APP=$(curl -X 'POST' 'http://localhost:3000/api/v1/user/applications/oauth2' \
         -H 'accept: application/json' -H 'Content-Type: application/json' -H "Authorization: token ${GITEA_TOKEN}" \
         -d "{ \"name\": \"Woodpecker CI\", \"confidential_client\": true, \"redirect_uris\": [ \"https://8000-${GITPOD_WORKSPACE_ID}.${GITPOD_WORKSPACE_CLUSTER_HOST}/authorize\" ] }")
+      touch .env
       grep "WOODPECKER_GITEA_CLIENT=" .env \
         && sed "s,^WOODPECKER_GITEA_CLIENT=.*,WOODPECKER_GITEA_CLIENT=$(echo $GITEA_OAUTH_APP | jq -r .client_id)," .env \
         || echo WOODPECKER_GITEA_CLIENT=$(echo $GITEA_OAUTH_APP | jq -r .client_id) >> .env