From 22574726cdf5997c63c3f10776e99475ef80219c Mon Sep 17 00:00:00 2001 From: sudoforge <no-reply@sudoforge.com> Date: Thu, 8 May 2025 19:39:51 -0700 Subject: [PATCH] ci: automatically mirror HEAD to trunk (#1405) This change introduces a pipeline job called `mirror` that will push to `refs/heads/trunk` automatically, in order to keep it in sync with the default tree. This job is restricted to the SoT for git-bug, and will only execute for the first run of the workflow. Refs: #1404 Change-Id: If65f83ce9058dd01aa74f6841dc58ac040284b18 --- .github/workflows/trunk.yml | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/.github/workflows/trunk.yml b/.github/workflows/trunk.yml index 6abf3ed4..99d52c1e 100644 --- a/.github/workflows/trunk.yml +++ b/.github/workflows/trunk.yml @@ -43,3 +43,35 @@ jobs: github-token: ${{ secrets.GITHUB_TOKEN }} comment-on-alert: true auto-push: true + + mirror: + if: > + github.ref == 'refs/heads/master' && github.repository == 'git-bug/git-bug' && github.run_attempt == '1' + permissions: + contents: write + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + # we use a custom deploy key in order to allow the workflow to bypass + # branch protection rules. without this, pushing will be rejected + - name: setup authentication + env: + SSH_AUTH_SOCK: /tmp/ssh-agent.sock + run: | + mkdir -p ~/.ssh + echo "${{ secrets.TRUNK_MIRROR_KEY }}" > ~/.ssh/id_rsa + chmod 0600 ~/.ssh/id_rsa + ssh-agent -a $SSH_AUTH_SOCK > /dev/null + ssh-add ~/.ssh/id_rsa + + - name: push to trunk + env: + SSH_AUTH_SOCK: /tmp/ssh-agent.sock + run: |- + git config user.name git-bug-bot + git config user.email no-reply@git-bug.org + git remote set-url origin git@github.com:git-bug/git-bug.git + git push --atomic origin HEAD:refs/heads/trunk -- GitLab