woodpecker/.gitpod.yml
Henrik Hüttemann 8429811c94
Fix Gitpod: Gitea auth token creation (#3299)
The Gitea CLI `generate-access-token` has updated the OAuth scopes and
[posts some warning to the STDOUT when creating a
token](https://github.com/go-gitea/gitea/issues/28758):

```
.../setting/security.go:168:loadSecurityFrom() [W] Enabling Query API Auth tokens is not recommended. DISABLE_QUERY_AUTH_TOKEN will default to true in gitea 1.23 and will be removed in gitea 1.24.
0adftokenblablubb
```

When logging in to the Gitpod Gitea instance from Woodpecker, I get an
error:

![Authorization failed: Client ID not
registered](https://github.com/woodpecker-ci/woodpecker/assets/7630662/bd28a661-d46e-4691-aff7-a25d64f8e7ce)

This PR fixes the problems leading you to a dialogue authorizing
Woodpecker after logging in to Gitea.

---------

Co-authored-by: Patrick Schratz <patrick.schratz@gmail.com>
2024-01-30 18:39:59 +01:00

119 lines
4.6 KiB
YAML

tasks:
- name: Server
env:
WOODPECKER_OPEN: true
WOODPECKER_ADMIN: woodpecker
WOODPECKER_HOST: http://host.docker.internal:8000
WOODPECKER_AGENT_SECRET: '1234'
WOODPECKER_GITEA: true
WOODPECKER_DEV_WWW_PROXY: http://localhost:8010
WOODPECKER_BACKEND_DOCKER_NETWORK: ci_default
init: |
GO_VERSION=1.21.5
rm -rf ~/go
curl -fsSL https://dl.google.com/go/go$GO_VERSION.linux-amd64.tar.gz | tar xzs -C ~/
go mod tidy
mkdir -p web/dist
touch web/dist/index.html
make build-server
command: |
grep "WOODPECKER_GITEA_URL=" .env \
&& sed "s,^WOODPECKER_GITEA_URL=.*,WOODPECKER_GITEA_URL=$(gp url 3000)," .env \
|| echo WOODPECKER_GITEA_URL=$(gp url 3000) >> .env
grep "WOODPECKER_DEV_OAUTH_HOST=" .env \
&& sed "s,^WOODPECKER_DEV_OAUTH_HOST=.*,WOODPECKER_DEV_OAUTH_HOST=$(gp url 8000)," .env \
|| echo WOODPECKER_DEV_OAUTH_HOST=$(gp url 8000) >> .env
gp sync-await gitea
gp sync-done woodpecker-server
go run go.woodpecker-ci.org/woodpecker/v2/cmd/server
- name: Agent
env:
WOODPECKER_SERVER: localhost:9000
WOODPECKER_AGENT_SECRET: '1234'
WOODPECKER_MAX_WORKFLOWS: 1
WOODPECKER_HEALTHCHECK: false
command: |
gp sync-await woodpecker-server
go run go.woodpecker-ci.org/woodpecker/v2/cmd/agent
- name: Gitea
command: |
export DOCKER_COMPOSE_CMD="docker-compose -f docker-compose.gitpod.yaml -p woodpecker"
export GITEA_CLI_CMD="$DOCKER_COMPOSE_CMD exec -u git gitea gitea"
$DOCKER_COMPOSE_CMD up -d
until curl --output /dev/null --silent --head --fail http://localhost:3000; do printf '.'; sleep 1; done
$GITEA_CLI_CMD admin user create --username woodpecker --password password --email woodpecker@localhost --admin
export GITEA_TOKEN=$($GITEA_CLI_CMD admin user generate-access-token -u woodpecker --scopes write:repository,write:user --raw | tail -n 1 | awk 'NF{ print $NF }')
GITEA_OAUTH_APP=$(curl -X 'POST' 'http://localhost:3000/api/v1/user/applications/oauth2' \
-H 'accept: application/json' -H 'Content-Type: application/json' -H "Authorization: token ${GITEA_TOKEN}" \
-d "{ \"name\": \"Woodpecker CI\", \"confidential_client\": true, \"redirect_uris\": [ \"https://8000-${GITPOD_WORKSPACE_ID}.${GITPOD_WORKSPACE_CLUSTER_HOST}/authorize\" ] }")
touch .env
grep "WOODPECKER_GITEA_CLIENT=" .env \
&& sed "s,^WOODPECKER_GITEA_CLIENT=.*,WOODPECKER_GITEA_CLIENT=$(echo $GITEA_OAUTH_APP | jq -r .client_id)," .env \
|| echo WOODPECKER_GITEA_CLIENT=$(echo $GITEA_OAUTH_APP | jq -r .client_id) >> .env
grep "WOODPECKER_GITEA_SECRET=" .env \
&& sed "s,^WOODPECKER_GITEA_SECRET=.*,WOODPECKER_GITEA_SECRET=$(echo $GITEA_OAUTH_APP | jq -r .client_secret)," .env \
|| echo WOODPECKER_GITEA_SECRET=$(echo $GITEA_OAUTH_APP | jq -r .client_secret) >> .env
curl -X 'POST' \
'http://localhost:3000/api/v1/user/repos' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-H "Authorization: token ${GITEA_TOKEN}" \
-d '{ "auto_init": false, "name": "woodpecker-test", "private": true, "template": false, "trust_model": "default" }'
cd contrib/woodpecker-test-repo
git init
git checkout -b main
git remote add origin http://woodpecker:${GITEA_TOKEN}@localhost:3000/woodpecker/woodpecker-test.git
git add .
git commit -m "Initial commit"
git push -u origin main
cd ../..
gp sync-done gitea
$DOCKER_COMPOSE_CMD logs -f
- name: App
before: |
cd web/
init: |
pnpm install
command: |
pnpm start
- name: Docs
before: |
cd docs/
init: |
pnpm install
pnpm build:woodpecker-plugins
command: |
pnpm start --port 4000
ports:
- port: 3000
name: Gitea
onOpen: ignore
visibility: public # TODO: https://github.com/woodpecker-ci/woodpecker/issues/856
- port: 8000
name: Woodpecker
onOpen: notify
visibility: public # TODO: https://github.com/woodpecker-ci/woodpecker/issues/856
- port: 9000
name: Woodpecker GRPC
onOpen: ignore
- port: 8010
description: Do not use! Access woodpecker on port 8000
onOpen: ignore
- port: 4000
name: Docs
onOpen: notify
vscode:
extensions:
# cSpell:disable
- 'golang.go'
- 'EditorConfig.EditorConfig'
- 'dbaeumer.vscode-eslint'
- 'esbenp.prettier-vscode'
- 'voorjaar.windicss-intellisense'
- 'Vue.volar'
- 'redhat.vscode-yaml'
- 'davidanson.vscode-markdownlint'
- 'streetsidesoftware.code-spell-checker'
# cSpell:enable