we have built two integrations with Drone where we are creating builds via Build Create | Drone.
For a long time we’ve been having issues after gitea/drone updates/restarts:
Our post request just returned an empty response. To make it work again, the user whose
DRONE_TOKEN we are using had to relogin, but we did not understand why that helped.
When it recently occured again, a colleague noticed that it was actually a 302 response with a Location header redirecting to gitea for an oauth2 flow. curl did not follow that because apparently redirects in POST requests are invalid. After the colleague did an arbitrary GET request, it seemed to work again, probably because there redirects were followed and the oauth2 flow was completed.
We now introduced a GET request to the API before the actual POST request, just to trigger the oauth2 flow once first.
Is this how we should do it? Which is the most lightweight GET request we can use?
If the drone token is the only thing we need to provide to drone to be able to trigger the flow and there are obviously no cookies or anything else involved, why can’t drone handle it server side and have the POST requests work without prior get request?
I’m sorry if my descriptions are a bit vague but I cannot reproduce the issue on demand.
Fwiw I have checked drone-js, drone-node and drone-go and couldn’t find any specific redirect or post request handling anywhere, so I assume all these implementations suffer from the same issue.
Thanks in advance