forgejo_admin/pal-e-api
1
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

fix: add auth header to wget for private repo download #235

Merged
forgejo_admin merged 1 commit from 226-fix-wget-auth into main 2026-03-28 16:44:45 +00:00
Conversation 1 Commits 1 Files changed 1 +1
forgejo_admin commented 2026-03-28 16:31:48 +00:00
Owner
Copy link

Summary

The update-kustomize-tag CI step downloads update-kustomize-tag.sh from the private pal-e-platform repo via wget, but the request had no authentication, resulting in a 404. This adds an Authorization: token header using the existing FORGEJO_TOKEN secret already available in the step's environment.

Changes

  • .woodpecker.yaml: Added --header="Authorization: token ${FORGEJO_TOKEN}" to the wget command in the update-kustomize-tag step

Test Plan

  • Tests pass locally (no test changes — CI-only fix)
  • Manual verification: next main push pipeline's update-kustomize-tag step succeeds instead of 404ing
  • No regressions in other pipeline steps

Review Checklist

  • Passed automated review-fix loop
  • No secrets committed
  • No unnecessary file changes
  • Commit messages are descriptive

Related Notes

## Summary The `update-kustomize-tag` CI step downloads `update-kustomize-tag.sh` from the private `pal-e-platform` repo via wget, but the request had no authentication, resulting in a 404. This adds an `Authorization: token` header using the existing `FORGEJO_TOKEN` secret already available in the step's environment. ## Changes - `.woodpecker.yaml`: Added `--header="Authorization: token ${FORGEJO_TOKEN}"` to the wget command in the `update-kustomize-tag` step ## Test Plan - [ ] Tests pass locally (no test changes — CI-only fix) - [ ] Manual verification: next `main` push pipeline's `update-kustomize-tag` step succeeds instead of 404ing - [ ] No regressions in other pipeline steps ## Review Checklist - [ ] Passed automated review-fix loop - [ ] No secrets committed - [ ] No unnecessary file changes - [ ] Commit messages are descriptive ## Related Notes - Closes forgejo_admin/pal-e-platform#226 - `pal-e-docs` — the project this work belongs to
The update-kustomize-tag step downloads a script from the private
pal-e-platform repo but the wget had no auth, causing 404. Add
Authorization header using the existing FORGEJO_TOKEN secret.

Closes forgejo_admin/pal-e-platform#226

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
forgejo_admin commented 2026-03-28 16:32:18 +00:00
Author
Owner
Copy link

QA Review — PR #235

Scope: 1 file, +1 line, -0 lines. CI-only fix.

Diff Check

  • The --header="Authorization: token ${FORGEJO_TOKEN}" flag is correctly placed as a continuation line in the multi-line wget command
  • FORGEJO_TOKEN is already declared in the step's environment block (line 88-89, sourced from forgejo_token secret) — no new secrets or config needed
  • YAML indentation is consistent with the surrounding continuation lines (10-space indent)
  • wget accepts flags in any order relative to the URL — placement between -O and the URL is valid

SOP Compliance

  • PR body has all required sections (Summary, Changes, Test Plan, Review Checklist, Related Notes)
  • Closes forgejo_admin/pal-e-platform#226 present for cross-repo auto-close
  • No secrets committed
  • No unnecessary file changes
  • Commit message is descriptive

Nits

None.

VERDICT: APPROVE — Clean 1-line fix. The auth header uses the existing secret already available in the step environment.

## QA Review — PR #235 **Scope:** 1 file, +1 line, -0 lines. CI-only fix. ### Diff Check - The `--header="Authorization: token ${FORGEJO_TOKEN}"` flag is correctly placed as a continuation line in the multi-line wget command - `FORGEJO_TOKEN` is already declared in the step's `environment` block (line 88-89, sourced from `forgejo_token` secret) — no new secrets or config needed - YAML indentation is consistent with the surrounding continuation lines (10-space indent) - wget accepts flags in any order relative to the URL — placement between `-O` and the URL is valid ### SOP Compliance - PR body has all required sections (Summary, Changes, Test Plan, Review Checklist, Related Notes) - `Closes forgejo_admin/pal-e-platform#226` present for cross-repo auto-close - No secrets committed - No unnecessary file changes - Commit message is descriptive ### Nits None. --- **VERDICT: APPROVE** — Clean 1-line fix. The auth header uses the existing secret already available in the step environment.
forgejo_admin deleted branch 226-fix-wget-auth 2026-03-28 16:44:45 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
domain:backend

   
domain:devops

   
domain:frontend

   
status:approved

QA passed, awaiting merge approval

  
status:in-progress

Dev agent is actively working

  
status:needs-fix

QA found issues, back to dev

  
status:qa

PR submitted, awaiting QA review

  
type:bug

Bug fix

  
type:devops

Infrastructure/CI/config work

  
type:feature

New functionality

No labels
domain:backend
domain:devops
domain:frontend
status:approved
status:in-progress
status:needs-fix
status:qa
type:bug
type:devops
type:feature
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
forgejo_admin/pal-e-api!235
No description provided.