Git push to another repository than the checked out repo

As part of our test steps, we clone a different public repository, perform some analysis on it and also push changes (fixes) to the same public repo. This works perfectly fine when run from our local environment for obvious reasons.

But when running this from CircleCI, we do the following:

 git push origin :fixed-by-meterian-29c4d26

and we get the following (fails due to our read-only key):

ERROR: The key you are authenticating with has been marked as read only.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

We have a read-only SSH key added to the CircleCI config, and would like to know as per best practise and keeping security in mind what is a good way to have a key (such that we can only use it to push to this public repo, maybe even make it git user id specific).

Can you please point me to any previously resolved queries, do you recommend using any of the ideas from these resources:

or this one

Hi Mani. Have you looked into a machine user?

I believe that is what you are looking for. You are correct that a read-only key won’t be able to push out, but a machine key can be set to allow access to pull from one repo and push to another.

1 Like

Thanks I think we have something of that sort - we will use your link to apply this idea.