From 08d47eb6dc9ebc575b058f59cad7d93180d94347 Mon Sep 17 00:00:00 2001
From: Andriy Oblivantsev <eslider@gmail.com>
Date: Sun, 1 Mar 2026 11:46:15 +0000
Subject: [PATCH] Work around self-hosted TLS in CI checkout step.

Replace actions/checkout with a manual git fetch using sslVerify=false so the runner can clone from the self-hosted Gitea endpoint and continue pipeline execution.

Made-with: Cursor
---
 .gitea/workflows/ci.yml | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml
index 3cd0c41..ef00966 100644
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -10,11 +10,13 @@ jobs:
   test:
     runs-on: ubuntu-latest
     steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          github-server-url: https://git.produktor.io
-          fetch-depth: 1
+      - name: Checkout (manual for self-hosted TLS)
+        run: |
+          rm -rf .git
+          git init .
+          git remote add origin "https://oauth2:${{ github.token }}@git.produktor.io/${{ github.repository }}.git"
+          git -c http.sslVerify=false fetch --depth=1 origin "${{ github.sha }}"
+          git checkout --detach FETCH_HEAD
 
       - name: Setup Go
         uses: actions/setup-go@v5