Due to renew code being gated with
build !oss (https://github.com/drone/drone/blob/1ce573320eafa7bae5125886040c5795e039b3d3/service/token/renew.go), Drone doesn’t ever refresh OAuth tokens. Which means after an hour after login (actual value depends on
ACCESS_TOKEN_EXPIRATION_TIME configuration value on the Gitea side, this value can lowered to 30 to make reproduction of this problem easier), all requests from Drone to Gitea will fail with 403. Drone diagnostics are not very useful in this case, as it will say “404: Record not found”. Users will have to manually logout and login again to make Drone load repositories again.
I tried removing the
renew_oss.go file and
build !oss directive, and it fixed the problem. Drone started renewing tokens properly.
Is there any reason why renew code is gated with
build !oss? It makes OAuth support pretty much broken.