From 952d8059d551120c5fbb6b0721db68b801149d9d Mon Sep 17 00:00:00 2001 From: Alexander Renz Date: Sat, 13 Dec 2025 13:40:39 +0100 Subject: [PATCH] fix(ci): use secret for SSH key instead of container volume --- .gitea/workflows/ci.yml | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index 252e3bb..447e4fd 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -199,24 +199,17 @@ jobs: runs-on: ubuntu-latest needs: [test, lint] if: github.event_name == 'push' && github.ref == 'refs/heads/main' && vars.MIRROR_ENABLED != 'false' - container: - image: debian:bookworm-slim - volumes: - - /root/.ssh:/root/.ssh:ro steps: - - name: Install git - run: apt-get update && apt-get install -y --no-install-recommends git openssh-client ca-certificates && rm -rf /var/lib/apt/lists/* - - name: Setup SSH key run: | - chmod 600 /root/.ssh/id_ed25519 2>/dev/null || true - ssh-keyscan github.com >> /root/.ssh/known_hosts + mkdir -p ~/.ssh + echo "${{ secrets.GITHUB_MIRROR_SSH_KEY }}" > ~/.ssh/id_ed25519 + chmod 600 ~/.ssh/id_ed25519 + ssh-keyscan github.com >> ~/.ssh/known_hosts - name: Clone and mirror run: | - git config --global --add safe.directory "$GITHUB_WORKSPACE" git clone --mirror ${{ env.GITEA_URL }}/${GITHUB_REPOSITORY}.git repo.git cd repo.git git remote add github git@github.com:PlusOne/hmac-file-server.git - git push --mirror github || git push --force --all github && git push --force --tags github - + git push --mirror github || (git push --force --all github && git push --force --tags github)