yes, sorry I misused “drone.io” term, what I mean is that I’m trying to reach my compose service that is based upon drone/drone docker image, since expose its 80 port on 8080 port I’m accessing from local machine using http://localhost:8080
probably I didn’t explain it well: it happens if I stop all dockers containers, for example when I shut down my pc, and then, when I turn on my pc to use it again, I cannot logout in that situation since I’m not logged in, so the only workaround for me was to delete token from gogs web interface, otherwise I won’t be able to login again.
Thank you for creating a ticket about that, is there a way I can follow its updates?
Hey @magowiz that makes sense - I’m confident what I’m seeing has the same root cause.
I have added a note on the ticket to update this discourse thread when complete - - our ticketing system is inside the harness corporate jira so I’m afraid it is not publicly viewable.
But I should make it clear that I really can’t promise any sort of turnaround time on this - we are a small team and gogs & drone setups are really rare - in fact running your docker compose was the first time I’ve made use of it, it seems pretty good
Cookies are signed using a secret. Every time drone restarts it generates a new random secret for signing cookies, which in turn revokes all previous cookies. It sounds like the behavior you are describing can be solved by providing the cookie secret so that it is fixed and not auto-generated every time the server starts (we use this setting in production). https://docs.drone.io/server/reference/drone-cookie-secret/
Setting that environment variable solved the issue, now every time I restart the compose I don’t have to delete token on gogs.
The only issue now is that when you explicitly log out you have to delete gogs token as before, but maybe this is wanted behavior.
I’m not aware of a requirement to delete the Gogs token, however, I have not used Gogs for many years so perhaps something has changed with how Gogs works. Most of our community has moved to Gitea which added support for oauth a few years ago, which I what we test with locally.