Closed everflux closed 3 weeks ago
And by the way the web hook url looks like this
http://server.woodpecker/api/hook?access_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyZXBvLWlkIjoiMCIsInR5cGUiOiJob29rIn0.jepsS3d37d1Sl1uLKKIqS7ID02zzaMkozwhx_bHAWj8
The decoded JWT payload
{
"repo-id": "0",
"type": "hook"
}
I am not sure whether I don't understand the code correctly or the property 'text' of the token is accessed, which does not seem to be in place.
Could you release a fix for this issue? It is a little embarrassing when I try to promote woodpecker and have to explain that the first action is 'repair repository'.
If this is completed, could you provide a fix release, please?
We want to include #3722 and will publish a release once that's merged
Works with 2.6.0, thanks for the timely release!
I have a fresh WP 2.5 setup in Kubernetes (docker desktop) that uses the newly introduced separate URL for gitea access ( https://github.com/woodpecker-ci/woodpecker/issues/3470 )
I have these settings in woodpecker:
(for browser access / oauth) name: WOODPECKER_DEV_GITEA_OAUTH_URL value: "http://gitea.localhost"
(for access from woodpecker) name: WOODPECKER_GITEA_URL value: "http://gitea-http.gitea:3000"
And this in gitea: name: GITEAserverROOT_URL value: "http://gitea-http.gitea:3000"
When webhooks are delivered, gitea gets the response HTTP 403 with the body "failure to verify token from hook. Expected manager/php-app, got " (really blank at the end, I did not truncate the message).
I assume this is the origin: https://github.com/woodpecker-ci/woodpecker/blob/ed7fe029796a1ca6f119a7458ae5c7f23bf97aa1/server/api/hook.go#L204
It worked in WP 2.4 (when I did not use separate URLs though)