math-pixel/upload-gltf
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: authenticate gitea lfs uploads

Browse Source
This commit is contained in:
Tom Boullay
2026-05-15 01:19:22 +02:00
parent f53f606daa
commit 71b4b2c905
3 changed files with 20 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.env.example
+1
View File
@@ -1,4 +1,5 @@
UPLOAD_SECRET_KEY=your-secret-key-here UPLOAD_SECRET_KEY=your-secret-key-here
GIT_USERNAME=your-gitea-username
GIT_TOKEN=your-git-provider-token GIT_TOKEN=your-git-provider-token
GIT_BRANCH=main GIT_BRANCH=main
GIT_REPO_URL=https://git.example.com/your-org/your-repo GIT_REPO_URL=https://git.example.com/your-org/your-repo
README.md
+3
View File
@@ -237,6 +237,7 @@ Copy `.env.example` to `.env.local` and fill in the values:
```env ```env
UPLOAD_SECRET_KEY=your-secret-key-here UPLOAD_SECRET_KEY=your-secret-key-here
GIT_USERNAME=your-gitea-username
GIT_TOKEN=your-git-provider-token GIT_TOKEN=your-git-provider-token
GIT_BRANCH=main GIT_BRANCH=main
GIT_REPO_URL=https://git.example.com/your-org/your-repo GIT_REPO_URL=https://git.example.com/your-org/your-repo
@@ -250,6 +251,7 @@ NEXTCLOUD_BASE_PATH=Models
| Variable | Description | Required | | Variable | Description | Required |
|----------|-------------|----------| |----------|-------------|----------|
| `UPLOAD_SECRET_KEY` | Secret key for upload authentication | Yes | | `UPLOAD_SECRET_KEY` | Secret key for upload authentication | Yes |
| `GIT_USERNAME` | Git username for Git LFS Basic auth on Gitea. Required for Gitea when LFS files are uploaded. | Gitea LFS |
| `GIT_TOKEN` | Git provider token with repository read/write access. `GITHUB_TOKEN` is still accepted for backward compatibility. | Yes | | `GIT_TOKEN` | Git provider token with repository read/write access. `GITHUB_TOKEN` is still accepted for backward compatibility. | Yes |
| `GIT_BRANCH` | Target branch (default: main) | No | | `GIT_BRANCH` | Target branch (default: main) | No |
| `GIT_REPO_URL` | Target GitHub or Gitea repository URL (`owner/repo`, HTTPS, or SSH) | Yes | | `GIT_REPO_URL` | Target GitHub or Gitea repository URL (`owner/repo`, HTTPS, or SSH) | Yes |
@@ -278,6 +280,7 @@ After a security patch:
docker build -t upload-gltf . docker build -t upload-gltf .
docker run -p 3000:3000 \ docker run -p 3000:3000 \
-e UPLOAD_SECRET_KEY=your-key \ -e UPLOAD_SECRET_KEY=your-key \
-e GIT_USERNAME=your-gitea-username \
-e GIT_TOKEN=token_xxx \ -e GIT_TOKEN=token_xxx \
-e GIT_REPO_URL=https://git.fabrik.mathieu-chavanel.fr/math-pixel/La-Fabrik \ -e GIT_REPO_URL=https://git.fabrik.mathieu-chavanel.fr/math-pixel/La-Fabrik \
-e NEXTCLOUD_URL=https://cloud.example.com \ -e NEXTCLOUD_URL=https://cloud.example.com \
lib/github.ts
+16 -1
View File
@@ -65,6 +65,21 @@ function getGitToken() {
return token return token
} }
function getGitUsername() {
return process.env.GIT_USERNAME?.trim()
}
function getLfsAuthorizationHeader(remote: GitRemoteConfig) {
if (remote.provider === 'github') return `token ${remote.token}`
const username = getGitUsername()
if (!username) {
throw new Error('GIT_USERNAME non configure pour Git LFS sur Gitea')
}
return `Basic ${Buffer.from(`${username}:${remote.token}`, 'utf-8').toString('base64')}`
}
function getOctokit(remote: GitRemoteConfig): Octokit { function getOctokit(remote: GitRemoteConfig): Octokit {
return new Octokit({ return new Octokit({
auth: remote.token, auth: remote.token,
@@ -295,7 +310,7 @@ async function uploadToLfsBatch(
headers: { headers: {
'Accept': 'application/vnd.git-lfs+json', 'Accept': 'application/vnd.git-lfs+json',
'Content-Type': 'application/vnd.git-lfs+json', 'Content-Type': 'application/vnd.git-lfs+json',
'Authorization': `token ${remote.token}`, 'Authorization': getLfsAuthorizationHeader(remote),
}, },
body: JSON.stringify({ body: JSON.stringify({
operation: 'upload', operation: 'upload',