woodpecker-ci/woodpecker

Explain WP-Forge and Clone-Forge authentication and interaction

Opened this issue · 0 comments

zc-devs commented

Clear and concise description of the problem

There is a lot of magic in how WP interacts with Forge and the clone steps with Forge. Would be great to have the answers in the docs. Follow up of #4352 (comment).

Questions

  1. Why a Forge must support OAuth2?
    #2161, #3591
  2. Why a Forge must support Webhooks? Could it work without Webhooks? What are the consequences?
    #3591, #2651, #2355 (reply in thread)
  3. What is going on a user registration under the hood? Doesn't WP store some info about a user? What info?
  4. What is going on a repository enabling in WP under the hood?
  5. How the user's permissions in Forge correlate with what a user can do in WP?
  6. On behalf what user WP would call Forge, executing a cron job for example? Do I have to create some service user in Forge and specify their user/password or token in WP?
    #4232
  7. What are the token, secret and hash fields in the DB users table? Are they refreshed? When?
    #4244, #3811, #3804 (comment)
  8. What if repo will be inactive for a couple of hours? Moth? Year?
    #4244, https://codeberg.org/Codeberg-CI/feedback/issues/201
  9. What is going on a repository repairing? Does it change some Forge credentials in WP?
    #4128
  10. How does the cloning work under the hood? What is the netrc thing? What does this file contain: username/password or token(s)? Of what user?
    #2601, #4352
  11. Is there some exceptions from 10?
    Bitbucket Datacenter / Server

Of course, feel free to add questions, link related issues/discussions and rename the title.