fix(ci): use basic auth header for gitea git operations

2026-04-30 20:38:18 +02:00 · 2026-04-30 20:38:18 +02:00 · 6a22b107ba
commit 6a22b107ba
parent 017c550b96
1 changed files with 15 additions and 6 deletions
--- a/.github/workflows/sync-to-gitea.yml
+++ b/.github/workflows/sync-to-gitea.yml
@ -72,11 +72,14 @@ jobs:
            exit 1
          fi

+          TARGET_REMOTE_URL="https://${GITEA_HOST}/${TARGET_FULL_NAME}.git"
+
          for auth_user in "$TOKEN_OWNER_USER" "$GITEA_USERNAME" "oauth2"; do
            [ -n "$auth_user" ] || continue
-            auth_url="https://${auth_user}:${GITEA_TOKEN}@${GITEA_HOST}/${TARGET_FULL_NAME}.git"
-            if git ls-remote "$auth_url" >/dev/null 2>&1; then
-              TARGET_URL="$auth_url"
+            AUTH_B64="$(printf '%s' "${auth_user}:${GITEA_TOKEN}" | base64 | tr -d '\n')"
+            if git -c http.extraHeader="Authorization: Basic ${AUTH_B64}" ls-remote "$TARGET_REMOTE_URL" >/dev/null 2>&1; then
+              TARGET_URL="$TARGET_REMOTE_URL"
+              TARGET_HTTP_AUTH_HEADER="Authorization: Basic ${AUTH_B64}"
              echo "Using Gitea credential mode for ${TARGET_FULL_NAME} as ${auth_user}"
              break
            fi
@ -88,7 +91,8 @@ jobs:
            "https://${GITEA_TOKEN}@${GITEA_HOST}/${TARGET_FULL_NAME}.git" \
            "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${TARGET_FULL_NAME}.git"; do
              if git ls-remote "$auth_url" >/dev/null 2>&1; then
-                TARGET_URL="$auth_url"
+                TARGET_URL="$TARGET_REMOTE_URL"
+                TARGET_HTTP_AUTH_HEADER=""
                echo "Using Gitea credential mode for ${TARGET_FULL_NAME}"
                break
              fi
@ -102,7 +106,12 @@ jobs:

          git remote add gitea "$TARGET_URL"

+          if [ -n "${TARGET_HTTP_AUTH_HEADER:-}" ]; then
+            git -c http.extraHeader="$TARGET_HTTP_AUTH_HEADER" fetch gitea "$BRANCH_NAME" || true
+            git -c http.extraHeader="$TARGET_HTTP_AUTH_HEADER" push gitea "HEAD:${BRANCH_NAME}" --force-with-lease=refs/heads/"$BRANCH_NAME"
+          else
            git fetch gitea "$BRANCH_NAME" || true
            git push gitea "HEAD:${BRANCH_NAME}" --force-with-lease=refs/heads/"$BRANCH_NAME"
+          fi

          echo "Sync complete!"