How to use GitHub Actions to keep a private repository in sync with panther-labs/panther-analysis
QUESTION
How do I manage a fork of panther-analysis in a private repo and keep up to date using GitHub Actions?
ANSWER
This process can be done using mirroring or subtrees. The following process will use subtrees:
- Create a private repository and give it a name.
- We will use "acme-security" as the name in this article.
- Run through the following steps once to establish the subtree:
- Add a remote repository
git remote add panther-analysis git@github.com:panther-labs/panther-analysis.git
- Fetch remote repository: panther-analysis
git fetch panther-analysis
- Add a subtree to the private repository
git subtree add --prefix=panther-labs/panther-analysis panther-analysis master --squash
- Push the subtree up to acme-security
git subtree push --prefix=panther-labs/panther-analysis panther-analysis master
- Add files, commit, and push to add the subtree (panther-labs/panther-analysis) to acme-security
git add . && git commit -m 'message here' && git push
Use this for the Action to pull from the latest versions weekly on Monday:
name: Fetch panther-analysis & Create Pull Request on: schedule: - cron: '0 9 * * 1' # Runs at 09:00 UTC on Mon workflow_dispatch: # Allows you to run this workflow manually from the Actions tab jobs: sync-panther-analysis: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: fetch-depth: 0 token: ${{ secrets.ACTION_TOKEN }} submodules: true - name: Configure identity run: | git config --global user.email "<your.email@test.com" git config --global user.name "<Your Name>" - name: Add panther-analysis as remote run: git remote add panther-analysis https://github.com/panther-labs/panther-analysis.git - name: Check remotes run: git remote -v - name: Fetch panther-analysis run: git fetch panther-analysis - name: pull from master branch run: git subtree pull --prefix=panther-labs/panther-analysis panther-analysis master --squash - name: Create Pull Request on <Your Private Repo> uses: peter-evans/create-pull-request@v4.0.4