If you’re like me, you probably need to update your image tag to this new major version. I’ll probably wait for a minor release first.

  • chaospatterns@lemmy.worldEnglish
    4·
    2 hours ago

    15.0 adds support for OIDC tokens being handed to Actions workflows compatible with GitHub Actions. I was excited to upgrade because I wanted to continue doing cosign Docker image signing, but then I found out that the Cosign transparency log doesn’t support Forgejo. Looks like I need an alternative.

    My next biggest problem is the Actions workflow itself. I setup Docker in Docker, but turns out there’s a bit of work in preparing the runners to be on par with what I used on GitHub.

    Otherwise, I’ve found Forgejo to be quite good and almost all my private repos are moved over.

  • northernlights@lemmy.todayEnglish
    9·
    5 hours ago

    I very much have my eye on that. Pretty sure that’s going to be my next self-host just because I love everything about it, not so much because I’ll need it. Pleeeease federate. I know it’s a whole lot of work, but it would be a significant net benefit to all developers worldwide who code because they like it.

  • prism@lemmy.dbzer0.comEnglish
    21·
    7 hours ago

    Finally, repository specific access tokens were added! I was missing this feature from GitHub (fine-grained access tokens) and had resorted to making service accounts that had access to a single repo. Time to clean that up :)

    • cecilkorik@piefed.caEnglish
      2·
      2 hours ago

      Gitea is developed by a corporation. If you trust corporations not to enshittify eventually, maybe Gitea will be the exception to the rule, but I doubt it, for sufficiently long definitions of “eventually”. Forgejo was forked specifically because the governance needed to be detached from the corporation, and that wasn’t going to happen with Gitea. The community of open-source developers mostly voted with their feet. Forgejo is, in my humble opinion, going places. Gitea is not. Nothing specifically wrong with it, per se, but it doesn’t really offer a sustainable development path forward I don’t think.

    • poVoq@slrpnk.netEnglish
      7·
      3 hours ago

      Because you usually don’t want to do automatic upgrades across major versions. There is a “latest” equivalent for each major version release though.

    • Encrypt-Keeper@lemmy.worldEnglish
      2·
      3 hours ago

      Forgejo was initially a soft fork of Gitea but they knew it would very possibly become a hard fork. Using the latest tag meant your setup could break unexpectedly so I think they’d opted to not use it at all. What you want to do is use the full version “15” in this case which will keep it updated up the currently major release.

  • iso@lemy.lolEnglish
    126·
    7 hours ago

    Forgejo’s most promising feature was federation, and unfortunately, they don’t seem to be working on that.

  • galaxy_nova@lemmy.worldEnglish
    1·
    5 hours ago

    Thoughts on this versus tangled besides this being more mature? Also question, I have cloudflare serving as my ddns, I believe some settings I have configured there prevent ssh from working to my forgejo instance. Is it a security risk to allow ssh traffic properly? I have other services on the same subdomain published as well if that matters.

    Edit: would Tailscale be a solution here?

    • Encrypt-Keeper@lemmy.worldEnglish
      1·
      3 hours ago

      Tangled seems to focus on the “social” aspect by being inherently federated using the protocol Bluesky uses.

      Federation is in the works for Forgejo but it’s not a focus.

    • purplemonkeymad@programming.devEnglish
      1·
      5 hours ago

      Recommendation would be that you want to set up your ssh so that it only accepts publickey authentication. You also want to make sure you are not using a proxied DNS value, as CF only proxies http requests.

      Personally I didn’t bother to setup ssh access as https typically works fine.

      • galaxy_nova@lemmy.worldEnglish
        1·
        4 hours ago

        I setup ssh key access only on all my machines so that bit is ok. Maybe I’ll forgo ssh like you’re suggesting as well. I thought I had some use for it but it’s been a while since I was messing with my forgejo instance, I’ve kind of fallen back to GitHub and codeberg for a bit since I’ve been busy. I couldn’t get https cloning to work for some reason either so I neee to investigate that I guess.