From 6ba509dbe18c97c75cdecef64969d8153c0fd8a5 Mon Sep 17 00:00:00 2001
From: Brad Stein <Brad.Stein@gmail.com>
Date: Wed, 14 Jan 2026 13:46:34 -0300
Subject: [PATCH] gitea: tolerate oidc init failures

---
 services/gitea/deployment.yaml | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/services/gitea/deployment.yaml b/services/gitea/deployment.yaml
index a5fa9c4..9dc0c87 100644
--- a/services/gitea/deployment.yaml
+++ b/services/gitea/deployment.yaml
@@ -78,7 +78,7 @@ spec:
 
               if [ -n "$id" ]; then
                 echo "Updating existing auth source id=$id"
-                $BIN -c "$APPINI" admin auth update-oauth \
+                if ! $BIN -c "$APPINI" admin auth update-oauth \
                   --id "$id" \
                   --name keycloak \
                   --provider openidConnect \
@@ -90,10 +90,12 @@ spec:
                   --required-claim-value "" \
                   --group-claim-name groups \
                   --admin-group admin \
-                  --skip-local-2fa
+                  --skip-local-2fa; then
+                  echo "OIDC update failed; continuing without blocking startup" >&2
+                fi
               else
                 echo "Creating keycloak auth source"
-                $BIN -c "$APPINI" admin auth add-oauth \
+                if ! $BIN -c "$APPINI" admin auth add-oauth \
                   --name keycloak \
                   --provider openidConnect \
                   --key "$CLIENT_ID" \
@@ -104,7 +106,9 @@ spec:
                   --required-claim-value "" \
                   --group-claim-name groups \
                   --admin-group admin \
-                  --skip-local-2fa
+                  --skip-local-2fa; then
+                  echo "OIDC create failed; continuing without blocking startup" >&2
+                fi
               fi
           volumeMounts:
             - name: gitea-data