From 7a1dda51a470a7be0c7eb508fb76a4306a1279a9 Mon Sep 17 00:00:00 2001 From: Dennis Hundertmark Date: Sun, 8 Mar 2026 10:29:18 +0100 Subject: [PATCH] ci: update authentication to use GITEA_TOKEN for secure Git operations - Replace GITEA_PASSWORD with GITEA_TOKEN in environment variables - Add validation checks for GITEA_USERNAME and GITEA_TOKEN - Update git remote URL to include token for authentication - Simplify push command to use configured origin remote This change enhances security by using a token instead of a password for Git authentication in the CI pipeline. --- .drone.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.drone.yml b/.drone.yml index 76ef308..3d01cf2 100644 --- a/.drone.yml +++ b/.drone.yml @@ -48,15 +48,18 @@ steps: environment: GITEA_USERNAME: from_secret: gitea_username - GITEA_PASSWORD: + GITEA_TOKEN: from_secret: gitea_password commands: - apk add --no-cache git sed + - test -n "$GITEA_USERNAME" + - test -n "$GITEA_TOKEN" - git clone https://gitea.mnky-code.de/mnky/k8s-manifests.git - cd k8s-manifests + - git remote set-url origin "https://${GITEA_USERNAME}:${GITEA_TOKEN}@gitea.mnky-code.de/mnky/k8s-manifests.git" - 'sed -i "s|image: gitea.mnky-code.de/mnky/ngrx-playground:.*|image: gitea.mnky-code.de/mnky/ngrx-playground:${DRONE_COMMIT_SHA}|" ngrx-playground/deployment.yaml' - git config user.name "drone" - git config user.email "drone@mnky-code.de" - git add ngrx-playground/deployment.yaml - 'git commit -m "Deploy ngrx-playground ${DRONE_COMMIT_SHA}" || exit 0' - - 'git push https://${GITEA_USERNAME}:${GITEA_PASSWORD}@gitea.mnky-code.de/mnky/k8s-manifests.git HEAD:main' + - git push origin HEAD:main