Any push fails with invalid header field value Bearer for key Authorization

[kristofre]

Hi,

I used the helm chart to deploy gitea.
I can register and sign into gitea and create a repo.
However as soon as I try to add a file or modify a file (in gitea UI), I get the following error message:

The change was rejected by the server with the following message:

Gitea: Internal Server Error
Unable to contact gitea: Post http://0.0.0.0:3000/api/internal/hook/pre-receive/xxx/test: net/http: invalid header field value "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1ODk0NTQxOTJ9.iWBvmOHvMVDnPNwVtNaAZ91gMBPljH-3lDVvM0_0HEE\n" for key Authorization
Please check githooks.

I believe the \n at the end of the bearer token might have something to do with it but I am not sure.

I have the same issue on the command line:

$ git push 
Username for 'http://gitea.192.168.50.10.xip.io': xxx
Password for 'http://xxx@gitea.192.168.50.10.xip.io':
Enumerating objects: 5, done.
Counting objects: 100% (5/5), done.
Writing objects: 100% (3/3), 247 bytes | 247.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0)
remote: Gitea: Internal Server Error
remote: Unable to contact gitea: Post http://0.0.0.0:3000/api/internal/hook/pre-receive/xxx/test: net/http: invalid header field value "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE1ODk0NTQxOTJ9.iWBvmOHvMVDnPNwVtNaAZ91gMBPljH-3lDVvM0_0HEE\n" for key Authorization
To http://gitea.192.168.50.10.xip.io/xxx/test
 ! [remote rejected] master -> master (pre-receive hook declined)
error: failed to push some refs to 'http://gitea.192.168.50.10.xip.io/xxx/test'

Any help would be greatly appreciated!

Values.yaml:

## Gitea image
## ref: https://hub.docker.com/r/gitea/gitea/tags/
##

tags:
  mariadb: true

images:
  registry: docker.io
  gitea: "gitea/gitea:1.11.5"
  memcached: "memcached:1.5.19-alpine"
  pullPolicy: IfNotPresent
 
## Cache settings for memcache
memcached:
  maxItemMemory: 64
  verbosity: v
  extendedOptions: modern

## Configure the ingress resource that allows you to access the
## Gitea installation. Set up the URL
## ref: http://kubernetes.io/docs/user-guide/ingress/
##
ingress:
  enabled: true
  certManager: false
  hostname: gitea.192.168.50.10.xip.io
  annotations: {}
  secrets:

## This chart defaults to using an ingress for http, but change to LoadBalancer if using you cluster supports it
service:
  http:
    serviceType: ClusterIP
    port: 3000
    externalHost: gitea.192.168.50.10.xip.io

  ## SSH is commonly on port 22.. however.. you most likely already have port 22 being used by your node.
  ## so we use port 8022.
  ssh:
    serviceType: LoadBalancer
    port: 22
    externalPort: 8022
    externalHost: gitea.192.168.50.10.xip.io
    externalIPs: []

## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
  gitea:
    requests:
      memory: 500Mi
      cpu: 300m
    limits:
      memory: 2Gi
      cpu: 1
  memcached:
    requests:
      memory: 64Mi
      cpu: 50m

## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
## ref:
##
persistence:
  enabled: true
  giteaSize: 10Gi
  accessMode: ReadWriteMany
  annotations:
    "helm.sh/resource-policy": keep

##
## MariaDB chart configuration
##
## https://github.com/helm/charts/blob/master/stable/mariadb/values.yaml
##
mariadb:
  enabled: true
  replication:
    enabled: false
  db:
    name: gitea
    user: gitea

  rootUser:
    password: ThisIsMySuperSecretPassword

  master:
    persistence:
      enabled: true
      accessMode: ReadWriteOnce
      size: 8Gi

config:
##  secretName: "<Existing Secret Name>"
##  secretKey: "<random>"  # Generate with 'gitea generate secret SECRET_KEY'
##  jwtSecret: "<random>"  # Generate with 'gitea generate secret JWT_SECRET'
##  lfsJwtSecret: "<random>"  # Generate with 'gitea generate secret LFS_JWT_SECRET'
##  internalToken: "<random>"  # Generate with 'gitea generate secret INTERNAL_TOKEN'
  disableInstaller: false
  offlineMode: false
  requireSignin: false
  disableRegistration: false
  openidSignin: true
  immutableConfig: false  # Regenerate config every time, and set as read-only

## Common helm annotations
## Node labels and tolerations for pod assignment
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
nodeSelector: {}
tolerations: []
affinity: {}

## Annotations for the deployment and nodes.
deploymentAnnotations: {}
podAnnotations: {}

I also logged it here: go-gitea/gitea#11408

KR,
Kristof

[cdrage]

Hi @kristofre could you try an earlier version? I'm unsure if 1.1.15 broke this or not.

[cdrage]

Sorry, this was actually caused by #13

I've gone ahead and reverted the commit.

Can you please try 1.3.3 and see if anything breaks?

▶ helm search repo k8s-land -l
NAME            CHART VERSION   APP VERSION     DESCRIPTION          
k8s-land/gitea  1.3.3           1.11.5          Git with a cup of tea
k8s-land/gitea  1.3.1           1.11.4          Git with a cup of tea
k8s-land/gitea  1.3.0           1.11.3          Git with a cup of tea
k8s-land/gitea  1.2.3           1.10.1          Git with a cup of tea
k8s-land/gitea  1.2.2           1.9.3           Git with a cup of tea
k8s-land/gitea  1.2.1           1.9.3           Git with a cup of tea

[Anganthier]

I just redeployed an re-migrated again. Now "git push" works using chart version 1.3.3.

I just moved some parts from /app to /data like the indexers or the lfs or the log, since /app is not persistent, but /data is.

[kristofre]

Hi, apologies for the late reply. This resolved the issue. Thanks!