OWASP · advaitpatel · Mar 23, 2026 · Mar 23, 2026 · Mar 23, 2026 · Mar 23, 2026
diff --git a/.github/workflows/mirror-to-owasp.yml b/.github/workflows/mirror-to-owasp.yml
@@ -18,23 +18,140 @@ jobs:
         with:
           fetch-depth: 0
           fetch-tags: true
+          token: ${{ secrets.OWASP_MIRROR_TOKEN }}
 
       - name: Mirror to OWASP repository
         env:
           OWASP_TOKEN: ${{ secrets.OWASP_MIRROR_TOKEN }}
         run: |
-          git config --global user.name "GitHub Actions Bot"
+          set -e  # Exit on any error
+
+          echo "=========================================="
+          echo "Starting OWASP Mirror Process"
+          echo "=========================================="
+          echo ""
+
+          # Check if token is set
+          echo "🔍 Step 1: Checking if OWASP_TOKEN secret is available..."
+          if [ -z "$OWASP_TOKEN" ]; then
+            echo "❌ ERROR: OWASP_TOKEN is not set!"
+            echo "Please ensure OWASP_MIRROR_TOKEN secret is configured in repository settings."
+            exit 1
+          fi
+          echo "✅ Token is set (length: ${#OWASP_TOKEN} characters)"
+          echo ""
+
+          # Configure git
+          echo "🔍 Step 2: Configuring Git..."
+          git config --global user.name "GitHub Actions"
           git config --global user.email "actions@github.com"
+          echo "✅ Git configured"
+          echo ""
+
+          # Show current git status
+          echo "🔍 Step 3: Current Git Status..."
+          git status
+          git log --oneline -5
+          echo ""
+
+          # Set up authentication
+          echo "🔍 Step 4: Setting up Git credentials..."
+          git config --global credential.helper store
+          echo "https://${OWASP_TOKEN}@github.com" > ~/.git-credentials
+          echo "✅ Credentials configured"
+          echo ""
+
+          # Test credentials by checking remote access
+          echo "🔍 Step 5: Testing access to OWASP repository..."
+          if git ls-remote https://github.com/OWASP/www-project-docksec.git HEAD > /dev/null 2>&1; then
+            echo "✅ Successfully connected to OWASP repository"
+          else
+            echo "❌ ERROR: Cannot access OWASP repository"
+            echo "This could mean:"
+            echo "  1. Token doesn't have the 'repo' scope"
+            echo "  2. You don't have write access to OWASP/www-project-docksec"
+            echo "  3. Token is invalid or expired"
+            rm ~/.git-credentials
+            exit 1
+          fi
+          echo ""
+
+          # Add OWASP remote
+          echo "🔍 Step 6: Adding OWASP remote..."
+          git remote add owasp https://github.com/OWASP/www-project-docksec.git
+          git remote -v
+          echo "✅ OWASP remote added"
+          echo ""
+
+          # Fetch OWASP remote to check connection
+          echo "🔍 Step 7: Fetching from OWASP remote..."
+          if git fetch owasp; then
+            echo "✅ Successfully fetched from OWASP remote"
+          else
+            echo "❌ ERROR: Failed to fetch from OWASP remote"
+            rm ~/.git-credentials
+            exit 1
+          fi
+          echo ""
+
+          # Push main branch
+          echo "🔍 Step 8: Pushing main branch to OWASP repository..."
+          echo "Source: $(git rev-parse HEAD)"
+          echo "Target: OWASP/www-project-docksec (main branch)"
+          if git push owasp main --force --verbose; then
+            echo "✅ Successfully pushed main branch"
+          else
+            echo "❌ ERROR: Failed to push main branch"
+            echo "Exit code: $?"
+            rm ~/.git-credentials
+            exit 1
+          fi
+          echo ""
+
+          # Push tags
+          echo "🔍 Step 9: Pushing tags to OWASP repository..."
+          TAG_COUNT=$(git tag | wc -l)
+          echo "Number of tags to push: $TAG_COUNT"
+          if [ "$TAG_COUNT" -gt 0 ]; then
+            if git push owasp --tags --force --verbose; then
+              echo "✅ Successfully pushed $TAG_COUNT tag(s)"
+            else
+              echo "⚠️  WARNING: Failed to push tags (non-critical)"
+            fi
+          else
+            echo "ℹ️  No tags to push"
+          fi
+          echo ""
 
-          # Add OWASP remote with personal access token
-          git remote add owasp https://x-access-token:${OWASP_TOKEN}@github.com/OWASP/www-project-docksec.git
+          # Clean up credentials
+          echo "🔍 Step 10: Cleaning up credentials..."
+          rm ~/.git-credentials
+          echo "✅ Credentials cleaned up"
+          echo ""
 
-          # Push the main branch
-          echo "Pushing main branch to OWASP repository..."
-          git push owasp main --force
+          # Final verification
+          echo "🔍 Step 11: Verifying mirror success..."
+          OWASP_HEAD=$(git ls-remote https://github.com/OWASP/www-project-docksec.git HEAD | cut -f1)
+          LOCAL_HEAD=$(git rev-parse HEAD)
+          echo "Local HEAD:      $LOCAL_HEAD"
+          echo "OWASP HEAD:      $OWASP_HEAD"
 
-          # Push all tags
-          echo "Pushing tags to OWASP repository..."
-          git push owasp --tags --force
+          if [ "$LOCAL_HEAD" = "$OWASP_HEAD" ]; then
+            echo "✅ Verification successful: OWASP repo is in sync!"
+          else
+            echo "⚠️  WARNING: Commits don't match, but push succeeded"
+            echo "This might be expected if OWASP has additional commits"
+          fi
+          echo ""
 
-          echo "Mirror completed successfully!"
+          echo "=========================================="
+          echo "✅ Mirror completed successfully!"
+          echo "=========================================="
+          echo ""
+          echo "Summary:"
+          echo "  - Source: advaitpatel/DockSec (main)"
+          echo "  - Target: OWASP/www-project-docksec (main)"
+          echo "  - Latest commit: $LOCAL_HEAD"
+          echo "  - Tags pushed: $TAG_COUNT"
+          echo ""
+          echo "View OWASP repository: https://github.com/OWASP/www-project-docksec"