Merge pull request 'fix: fix: Forgejo 11.x ignores --must-change-password=false — token creation fails with password change required (#665)' (#676) from fix/issue-665 into main

2026-03-25 13:10:35 +01:00 · 2026-03-25 13:10:35 +01:00 · 3b8d69cfab
commit 3b8d69cfab
parent d13f1a6997 48185108af
2 changed files with 51 additions and 0 deletions
--- a/bin/disinto
+++ b/bin/disinto
@ -398,6 +398,13 @@ setup_forge() {
      echo "  ${create_output}" >&2
      exit 1
    fi
+    # Forgejo 11.x ignores --must-change-password=false on create;
+    # explicitly clear the flag so basic-auth token creation works.
+    _forgejo_exec forgejo admin user change-password \
+      --username "${admin_user}" \
+      --password "${admin_pass}" \
+      --must-change-password=false
+
    # Verify admin user was actually created
    if ! curl -sf --max-time 5 "${forge_url}/api/v1/users/${admin_user}" >/dev/null 2>&1; then
      echo "Error: admin user '${admin_user}' not found after creation" >&2
@ -447,6 +454,13 @@ setup_forge() {
        echo "  ${create_output}" >&2
        exit 1
      fi
+      # Forgejo 11.x ignores --must-change-password=false on create;
+      # explicitly clear the flag so basic-auth token creation works.
+      _forgejo_exec forgejo admin user change-password \
+        --username "${bot_user}" \
+        --password "${bot_pass}" \
+        --must-change-password=false
+
      # Verify bot user was actually created
      if ! curl -sf --max-time 5 \
        -H "Authorization: token ${admin_token}" \
--- a/tests/smoke-init.sh
+++ b/tests/smoke-init.sh
@ -168,6 +168,43 @@ if [ "${1:-}" = "exec" ]; then
      echo "New user '${username}' has been successfully created!"
      exit 0
    fi
+
+    if [ "$subcmd" = "change-password" ]; then
+      shift 4  # skip 'forgejo admin user change-password'
+      username="" password=""
+      while [ $# -gt 0 ]; do
+        case "$1" in
+          --username)             username="$2"; shift 2 ;;
+          --password)             password="$2"; shift 2 ;;
+          --must-change-password*) shift ;;
+          --config*)              shift ;;
+          *)                      shift ;;
+        esac
+      done
+
+      if [ -z "$username" ]; then
+        echo "mock-docker: change-password missing --username" >&2
+        exit 1
+      fi
+
+      # PATCH user via Forgejo admin API to clear must_change_password
+      patch_body="{\"must_change_password\":false,\"login_name\":\"${username}\",\"source_id\":0"
+      if [ -n "$password" ]; then
+        patch_body="${patch_body},\"password\":\"${password}\""
+      fi
+      patch_body="${patch_body}}"
+
+      if ! curl -sf -X PATCH \
+        -u "$BOOTSTRAP_CREDS" \
+        -H "Content-Type: application/json" \
+        "${FORGE_URL}/api/v1/admin/users/${username}" \
+        -d "${patch_body}" \
+        >/dev/null 2>&1; then
+        echo "mock-docker: failed to change-password for '${username}'" >&2
+        exit 1
+      fi
+      exit 0
+    fi
  fi

  echo "mock-docker: unhandled exec: $*" >&2