[Documentation] Document how Gogs/Gitea login works

Hey, I’ve noticed there is no documentation on how the integration works with gitea. I was caught by surprise that I had to use my gitea credentials to login to drone. Maybe this could be described in the quick setup guide for gitea/gogs?

I ultimately found this unofficial documentation that told me how it works. (see p.11)

unofficial documentation

Agreed that the docs need to be updated.

I was caught by surprise that I had to use my gitea credentials to login to drone

Drone requires oauth to generate a token and interact with the source code management system (GitLab, GitHub, Bitbucket, etc). Neither Gogs/Gitea implement oauth. This means the only way to generate a Gogs/Gitea API token is with username and password. I understand why this behavior seems surprising, but this is our only option until Gogs/Gitea enable better third party application integration.


I didn’t find anything special in the server logs. Is this reaction meant for this thread?

yes, that comment was meant for another thread and was deleted.

@Mindavi There is an open PR for Gitea to add oauth2 https://github.com/go-gitea/gitea/pull/5378 so soon sending gitea user/pass to drone will no longer be needed.

1 Like

@Mindavi (and others who come to search for this)
With the release of Drone 1.1.0 today and Gitea 1.8 this past Saturday, Drone and Gitea now can communicate with each other via OAuth2.

As of this date (Apr 23) these instructions work with the software versions listed above:

  1. Set up an oauth2 application per https://docs.gitea.io/en-us/oauth2-provider/ and make sure to record the clientID and secret key.
  2. In your Drone install in addition to the standard env vars (such as where the database is located, and what domain drone should use), you also need DRONE_GITEA_CLIENT_ID, DRONE_GITEA_CLIENT_SECRET and DRONE_GITEA_SERVER. (and DRONE_GIT_ALWAYS_AUTH is an optional one that you may need (if cloning fails you can try setting this variable to true)

Thanks for the update. This makes setting up integration and logging in clearer (and safer). Very cool!