Closed zxcvbnm3057 closed 2 years ago
since I guess it's about https://github.com/go-gitea/gitea/issues/17964
you have to use the current master branch until v0.15.0 got released - so just stick to latest
(v0.14.* do not support path filter for gitea)
and I guess the root CAs would need an update so we would have to backport the docker files and rebuild - that should fix it
thanks, I have solved it. That was nginx-proxy.
new error:
time="2021-12-13T20:15:27Z" level=error msg="cannot authenticate user. oauth2: cannot fetch token: 405 Method Not Allowed\nResponse: "
It happened when I confirm the oauth request in gitea
There is also an error report in Gitea log
Completed GET /login/oauth/access_token 405 Method Not Allowed in 204.447µs
and I guess the root CAs would need an update so we would have to backport the docker files and rebuild - that should fix it
That might be. But I still confuse about why WOODPECKER_GITEA_SKIP_VERIFY
and DRONE_GITEA_SKIP_VERIFY
doesn't work?
well they should work for selve signed certs
Hi, tested this feature with the image woodpeckerci/woodpecker-server:v0.15 and WOODPECKER_GITEA_SKIP_VERIFY seems to still have no effect. The git certificate is signed by my own ca.
{"time":"2022-03-22T17:17:48Z","message":"LogLevel = warn"}
{"level":"error","time":"2022-03-22T17:18:00Z","message":"cannot authenticate user. Post \"https://git.lan/login/oauth/access_token\": x509: certificate signed by unknown authority"}
Hi, tested this feature with the image woodpeckerci/woodpecker-server:v0.15 and WOODPECKER_GITEA_SKIP_VERIFY seems to still have no effect. The git certificate is signed by my own ca.
{"time":"2022-03-22T17:17:48Z","message":"LogLevel = warn"} {"level":"error","time":"2022-03-22T17:18:00Z","message":"cannot authenticate user. Post \"https://git.lan/login/oauth/access_token\": x509: certificate signed by unknown authority"}
I confirm that it does not work for me aswell.
{"level":"error","time":"2022-07-20T19:36:04+02:00","message":"cannot authenticate user. Post \"https://git.lan/login/oauth/access_token\": x509: certificate signed by unknown authority"}
woodpecker-server version 0.15.3
Hey, i have the same issue on that. I'm using step-ca for self-signed certifcates. And setting WOODPECKER_GITEA_SKIP_VERIFY does not have an effect and I get the same error as mentioned above.
I just fixed the issue for gitlab ... so I'll now know what to do :)
Is this already implemented in the latest / next docker image?
I tried both versions with WOODPECKER_GITEA_SKIP_VERIFY=true
but still get the following error message on clone during the pipeline.
+ git fetch --no-tags origin +refs/heads/main:
fatal: unable to access 'https://git.demo.com/test/test.git/': SSL certificate problem: self-signed certificate
ah that's a plugin-git thing ... you need a custom clone step too:
settings:
skip_verify: true
Perfect. Thank you. One Step further.
Now it says could not read user name. I will have a deeper look in the documentation.
fatal: could not read Username for 'https://git.demo.com': No such device or address
it user netrc to auth ...
Thank you for the hint with netrc. Its working with public Repos but not working on private Repos. But I do not know how to troubleshoot.
woodpecker-agent | {"level":"debug","repo":"test/test","build":"25","id":"89","image":"docker.io/woodpeckerci/plugin-git:latest","stage":"git","time":"2022-09-12T07:42:55Z","message":"log stream opened"}
gitea | 2022/09/12 07:42:55 [631ee2ff] router: completed GET /test/test.git/info/refs?service=git-upload-pack for 172.18.0.1:0, 401 Unauthorized in 2.1ms @ repo/http.go:532(repo.GetInfoRefs)
See what gitea api reports if you get repo info ... it should have private: true
but currently there are edgecases where it's not (if org is priv .or limit. and repo set to public, api reports public even if it's not)
@metzgerd this is worth it's own issue I'll lock this one now, for chating we have discord or matrix
Component
server
Describe the bug
I set both
WOODPECKER_GITEA_SKIP_VERIFY=true
andDRONE_GITEA_SKIP_VERIFY=true
in docker environment but still get the errorx509: certificate signed by unknown authority
. My server is using cert sign byEncryption Everywhere DV TLS CA - G1
. Any help?System Info
Additional context
Validations