From 0f89d90cbc3fbefe93faf417837e513fe1b29c78 Mon Sep 17 00:00:00 2001
From: Tracewebstudio Dev <dev@tracewebstudio.com>
Date: Thu, 30 Apr 2026 20:59:10 +0200
Subject: [PATCH] fix(ci): tolerate /user 401 and fallback to configured auth
 user

---
 .github/workflows/sync-to-gitea.yml | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/sync-to-gitea.yml b/.github/workflows/sync-to-gitea.yml
index bd2fb49..8b3cf5b 100644
--- a/.github/workflows/sync-to-gitea.yml
+++ b/.github/workflows/sync-to-gitea.yml
@@ -18,16 +18,27 @@ jobs:
 
       - name: Sync to Gitea
         env:
-          GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
+          GITEA_TOKEN_PRIMARY: ${{ secrets.GITEA_TOKEN }}
+          GITEA_TOKEN_FALLBACK: ${{ secrets.GITEA_SECRET }}
+          GITEA_USERNAME: ${{ secrets.GITEA_USERNAME }}
           REPO: ${{ github.event.repository.name }}
           BRANCH: ${{ github.ref_name }}
         run: |
           set -euo pipefail
 
+          GITEA_TOKEN="${GITEA_TOKEN_PRIMARY:-${GITEA_TOKEN_FALLBACK:-}}"
+          if [ -z "${GITEA_TOKEN}" ]; then
+            echo "Missing token secret: set GITEA_TOKEN (preferred) or GITEA_SECRET"
+            exit 1
+          fi
+
           git config user.name "github-actions[bot]"
           git config user.email "github-actions[bot]@users.noreply.github.com"
 
-          GITEA_USER="$(curl -fsS -H "Authorization: token ${GITEA_TOKEN}" https://ci.nxtgauge.com/api/v1/user | jq -r '.login')"
+          GITEA_USER="$(curl -fsS -H "Authorization: token ${GITEA_TOKEN}" https://ci.nxtgauge.com/api/v1/user 2>/dev/null | jq -r '.login // empty' || true)"
+          if [ -z "$GITEA_USER" ]; then
+            GITEA_USER="${GITEA_USERNAME:-Admin}"
+          fi
           TARGET="https://ci.nxtgauge.com/Admin/${REPO}.git"
           AUTH="$(printf '%s' "${GITEA_USER}:${GITEA_TOKEN}" | base64 | tr -d '\n')"