Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD
We have some actions that leverage the Gitea API that began receiving 401 errors, with a message that the user was not found. These actions use the ACTIONS_RUNTIME_TOKEN env var in the actions job to authenticate with the Gitea API. The format of this env var in actions jobs changed with go-gitea/gitea/pull/28885 to be a JWT (with a corresponding update to act_runner) Since it was a JWT, the OAuth parsing logic attempted to parse it as an OAuth token, and would return user not found, instead of falling back to look up the running task and assigning it to the actions user.
Make ACTIONS_RUNTIME_TOKEN in action runners could be used, attempting to parse Oauth JWTs. The code to parse potential old ACTION_RUNTIME_TOKEN was kept in case someone is running an older version of act_runner that doesn't support the Actions JWT.
Backport #32527
We have some actions that leverage the Gitea API that began receiving 401 errors, with a message that the user was not found. These actions use the
ACTIONS_RUNTIME_TOKENenv var in the actions job to authenticate with the Gitea API. The format of this env var in actions jobs changed with go-gitea/gitea/pull/28885 to be a JWT (with a corresponding update toact_runner) Since it was a JWT, the OAuth parsing logic attempted to parse it as an OAuth token, and would return user not found, instead of falling back to look up the running task and assigning it to the actions user.Make ACTIONS_RUNTIME_TOKEN in action runners could be used, attempting to parse Oauth JWTs. The code to parse potential old
ACTION_RUNTIME_TOKENwas kept in case someone is running an older version of act_runner that doesn't support the Actions JWT.