Can't figure out how to give user write access to just one repo


I’m looking for a good way of allowing one Drone pipeline to trigger another in the same repository, ideally without just giving that pipeline access to run/promote/whatever builds in all of my Drone repos. Using Gitea as my repo provider.

My first thought was to just create a new user in Gitea, give it write access to the repo, then log in to Drone with that user and use their token. Unfortunately, that doesn’t seem to work. I just get “not found” when I try to hit API endpoints that require write access, like creating a build or running a cron job.

I also looked into machine users, but it seems that there isn’t a way to give a machine user access to just one repo - it’s either read-only or admin access to everything.

Is there a good way to accomplish this? I could always make a small proxy and stick it in front of Drone’s API, and then I could apply whatever filtering I wanted, but I’d prefer to use a built-in solution if one exists.

this is the recommended approach that most people use. It requires the user have write access to the repository in Gitea. When the user logs in to Drone, you may need to click the synchronize button to ensure the repository permissions are in sync with Gitea.

Got it, thanks! The step I was missing was synchronizing from the account in question; I had tried syncing but only from my main account.

Thanks again! Absolutely loving Drone so far, feels both powerful and polished which is a great combination :slight_smile: