ci: materialize origin refs as refs/heads before mirror push #3
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Mirror to forge.blacksky.community | |
| on: | |
| push: {} | |
| workflow_dispatch: {} | |
| permissions: | |
| contents: read | |
| jobs: | |
| tangle: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: push to forge knot | |
| env: | |
| TANGLED_KEY: ${{ secrets.TANGLED_KEY }} | |
| run: | | |
| set -euo pipefail | |
| mkdir -p ~/.ssh | |
| chmod 700 ~/.ssh | |
| printf '%s\n' "$TANGLED_KEY" > ~/.ssh/tangled_key | |
| chmod 600 ~/.ssh/tangled_key | |
| cat > ~/.ssh/config <<'EOF' | |
| Host knot.blacksky.community | |
| StrictHostKeyChecking no | |
| UserKnownHostsFile=/dev/null | |
| IdentityFile ~/.ssh/tangled_key | |
| IdentitiesOnly yes | |
| EOF | |
| chmod 600 ~/.ssh/config | |
| # actions/checkout leaves origin branches under refs/remotes/origin/* | |
| # — git push --mirror would copy those as remote-tracking refs on | |
| # the destination instead of as proper branches. Materialize them | |
| # under refs/heads/* first so the mirror push lands them as real | |
| # branches that forge can render. | |
| git fetch origin '+refs/heads/*:refs/heads/*' '+refs/tags/*:refs/tags/*' | |
| git remote add tangled git@knot.blacksky.community:blackskyweb.xyz/rsky | |
| git push --mirror tangled |