Skip to main content
Panther Knowledge Base

How to use GitHub Actions to keep a private repository in sync with panther-labs/panther-analysis

QUESTION

 How do I manage a fork of panther-analysis in a private repo and keep up to date using GitHub Actions?

ANSWER

 This process can be done using mirroring or subtrees. The following process will use subtrees:

  1. Create a private repository and give it a name.
    • We will use "acme-security" as the name in this article.
  2. Run through the following steps once to establish the subtree:
  1. Add a remote repository
    • git remote add panther-analysis git@github.com:panther-labs/panther-analysis.git
  2. Fetch remote repository: panther-analysis
    • git fetch panther-analysis
  3. Add a subtree to the private repository
    • git subtree add --prefix=panther-labs/panther-analysis panther-analysis master --squash
  4. Push the subtree up to acme-security
    • git subtree push --prefix=panther-labs/panther-analysis panther-analysis master
  5. Add files, commit, and push to add the subtree (panther-labs/panther-analysis) to acme-security
    • git add . && git commit -m 'message here' && git push

Use this for the Action to pull from the latest versions weekly on Monday:

name: Fetch panther-analysis & Create Pull Request
​
on:
  schedule:
    - cron:  '0 9 * * 1' # Runs at 09:00 UTC on Mon
​
  workflow_dispatch: # Allows you to run this workflow manually from the Actions tab
​
jobs:
​
  sync-panther-analysis:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v3
      with:
        fetch-depth: 0
        token: ${{ secrets.ACTION_TOKEN }}
        submodules: true
    - name: Configure identity
      run: |
        git config --global user.email "<your.email@test.com"
        git config --global user.name "<Your Name>"
    - name: Add panther-analysis as remote
      run: git remote add panther-analysis https://github.com/panther-labs/panther-analysis.git
    - name: Check remotes
      run: git remote -v
    - name: Fetch panther-analysis
      run: git fetch panther-analysis        
    - name: pull from master branch
      run: git subtree pull --prefix=panther-labs/panther-analysis panther-analysis master --squash
    - name: Create Pull Request on <Your Private Repo>
      uses: peter-evans/create-pull-request@v4.0.4