From f14d06777949d0de88d3907dbea35677ff2968f5 Mon Sep 17 00:00:00 2001
From: user <user@rpios.local>
Date: Sun, 22 Feb 2026 08:15:42 +0100
Subject: [PATCH] fix: use alpine/git container for checkout on host jobs

The linux runner has podman but no git. Clone repos via
alpine/git container for secrets and build host jobs.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .gitea/workflows/ci.yml | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml
index 481a6c5..9fab08f 100644
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -44,7 +44,12 @@ jobs:
     runs-on: linux
     steps:
       - name: Checkout
-        run: git clone --branch "${GITHUB_REF_NAME}" "https://oauth2:${{ github.token }}@${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY}.git" .
+        run: |
+          podman run --rm \
+            -v "$PWD:/repo" \
+            -w /repo \
+            alpine/git:latest \
+            clone --branch "${GITHUB_REF_NAME}" "https://oauth2:${{ github.token }}@${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY}.git" .
       - name: Scan for secrets
         run: |
           podman run --rm \
@@ -58,7 +63,12 @@ jobs:
     if: github.event_name == 'push' && github.ref == 'refs/heads/master'
     steps:
       - name: Checkout
-        run: git clone --depth 1 --branch "${GITHUB_REF_NAME}" "https://oauth2:${{ github.token }}@${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY}.git" .
+        run: |
+          podman run --rm \
+            -v "$PWD:/repo" \
+            -w /repo \
+            alpine/git:latest \
+            clone --depth 1 --branch "${GITHUB_REF_NAME}" "https://oauth2:${{ github.token }}@${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY}.git" .
       - name: Login to Harbor
         run: echo "$HARBOR_PASS" | podman login -u "$HARBOR_USER" --password-stdin harbor.mymx.me
         env: