docs(ci-bot): correct git-push snippet to use http.extraHeader
All checks were successful
CI / preflight (push) Successful in 4s
CI / typecheck (push) Successful in 13s
ecosystem-selftest / semantic-release-bumptest (push) Successful in 11s
ecosystem-selftest / eslint-gate (push) Successful in 4s
ecosystem-selftest / yamllint-gate (push) Successful in 4s
pulumi-preview / preview (push) Successful in 16s

The basic-auth credential helper is rejected for token push; the Authorization:
token header (the same one the API accepts) works. Verified live.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Andreas Niemann 2026-07-01 14:13:45 +02:00
parent 4a88ae85b5
commit 2fe9a4d43e

View file

@ -55,10 +55,12 @@ repo's `/packages` page. See [`.forgejo/workflows/README.md`](../.forgejo/workfl
## git push as ci-bot
The `foundation-test` SSH key is not a registered Forgejo SSH key, so push over
HTTPS with the `git-push` token (kept at `/root/ci-bot-git-push.token` on the forge):
HTTPS with the `git-push` token (kept at `/root/ci-bot-git-push.token` on the
forge). Pass it as an `Authorization: token` header — the basic-auth credential
helper is rejected for token push, but the header (same one the API accepts) works:
```sh
GITTOK=$(ssh -p222 -i ~/.ssh/foundation-test_ed25519 root@204.168.234.72 cat /root/ci-bot-git-push.token)
git -c credential.helper='!f(){ echo username=ci-bot; echo "password=$GITTOK"; };f' \
git -c http.extraHeader="Authorization: token $GITTOK" \
push https://forge.olsitec.net/olsitec/<repo>.git <branch>
```