build: use a fork for the bot
diff --git a/cmd/atmosphere-ci/image_repo_init.go b/cmd/atmosphere-ci/image_repo_init.go
index d1d6fe9..b55f355 100644
--- a/cmd/atmosphere-ci/image_repo_init.go
+++ b/cmd/atmosphere-ci/image_repo_init.go
@@ -28,7 +28,7 @@
 				log.Panic(err)
 			}
 
-			err = repo.Synchronize(ctx)
+			err = repo.Synchronize(ctx, true)
 			if err != nil {
 				log.Panic(err)
 			}
diff --git a/cmd/atmosphere-ci/image_repo_sync.go b/cmd/atmosphere-ci/image_repo_sync.go
index 0db478e..87699f2 100644
--- a/cmd/atmosphere-ci/image_repo_sync.go
+++ b/cmd/atmosphere-ci/image_repo_sync.go
@@ -28,7 +28,7 @@
 				}
 			}
 
-			err := repo.Synchronize(ctx)
+			err := repo.Synchronize(ctx, admin)
 			if err != nil {
 				log.Panic(err)
 			}
diff --git a/internal/pkg/image_repositories/build_workflow.go b/internal/pkg/image_repositories/build_workflow.go
index c55db62..f6bc595 100644
--- a/internal/pkg/image_repositories/build_workflow.go
+++ b/internal/pkg/image_repositories/build_workflow.go
@@ -109,6 +109,7 @@
 					{
 						Name: "Authenticate with Quay.io",
 						Uses: "docker/login-action@v2",
+						If:   "${{ github.event_name == 'push' }}",
 						With: map[string]string{
 							"registry": "quay.io",
 							"username": "${{ secrets.QUAY_USERNAME }}",
@@ -123,7 +124,7 @@
 							"cache-from": "type=gha,scope=${{ matrix.release }}",
 							"cache-to":   "type=gha,mode=max,scope=${{ matrix.release }}",
 							"platforms":  platforms,
-							"push":       "true",
+							"push":       "${{ github.event_name == 'push' }}",
 							"build-args": strings.Join(buildArgs, "\n"),
 							"tags":       fmt.Sprintf("quay.io/vexxhost/%s:${{ env.PROJECT_REF }}", project),
 						},
diff --git a/internal/pkg/image_repositories/image_repository.go b/internal/pkg/image_repositories/image_repository.go
index bfad6a9..77a1b5f 100644
--- a/internal/pkg/image_repositories/image_repository.go
+++ b/internal/pkg/image_repositories/image_repository.go
@@ -125,8 +125,8 @@
 	return nil
 }
 
-func (i *ImageRepository) GetGitHubRepository(ctx context.Context) (*github.Repository, error) {
-	repo, _, err := i.githubClient.Repositories.Get(ctx, "vexxhost", i.githubProjectName)
+func (i *ImageRepository) GetGitHubRepository(ctx context.Context, owner string) (*github.Repository, error) {
+	repo, _, err := i.githubClient.Repositories.Get(ctx, owner, i.githubProjectName)
 	if err != nil {
 		return nil, err
 	}
@@ -134,6 +134,17 @@
 	return repo, nil
 }
 
+func (i *ImageRepository) ForkGitHubRepository(ctx context.Context) (*github.Repository, error) {
+	repo, err := i.GetGitHubRepository(ctx, "vexxhost-bot")
+	if err != nil {
+		i.githubClient.Repositories.CreateFork(ctx, "vexxhost", i.githubProjectName, nil)
+		time.Sleep(20 * time.Second)
+		return i.GetGitHubRepository(ctx, "vexxhost-bot")
+	}
+
+	return repo, nil
+}
+
 func (i *ImageRepository) UpdateGithubConfiguration(ctx context.Context) error {
 	// Description
 	description := fmt.Sprintf("Docker image for OpenStack: %s", i.Project)
@@ -197,8 +208,16 @@
 	return nil
 }
 
-func (i *ImageRepository) Synchronize(ctx context.Context) error {
-	githubRepo, err := i.GetGitHubRepository(ctx)
+func (i *ImageRepository) Synchronize(ctx context.Context, admin bool) error {
+	var githubRepo *github.Repository
+	var err error
+
+	if admin {
+		githubRepo, err = i.GetGitHubRepository(ctx, "vexxhost")
+	} else {
+		githubRepo, err = i.ForkGitHubRepository(ctx)
+	}
+
 	if err != nil {
 		return err
 	}
@@ -206,9 +225,19 @@
 	storer := memory.NewStorage()
 	fs := memfs.New()
 
+	upstreamUrl := fmt.Sprintf("https://github.com/vexxhost/%s.git", i.githubProjectName)
 	repo, err := git.Clone(storer, fs, &git.CloneOptions{
-		Auth: i.gitAuth,
-		URL:  *githubRepo.CloneURL,
+		Auth:       i.gitAuth,
+		URL:        upstreamUrl,
+		RemoteName: "upstream",
+	})
+	if err != nil {
+		return err
+	}
+
+	_, err = repo.CreateRemote(&config.RemoteConfig{
+		Name: "origin",
+		URLs: []string{*githubRepo.CloneURL},
 	})
 	if err != nil {
 		return err
@@ -260,8 +289,8 @@
 	commit, err := worktree.Commit("chore: sync using `atmosphere-ci`", &git.CommitOptions{
 		All: true,
 		Author: &object.Signature{
-			Name:  "github-actions[bot]",
-			Email: "41898282+github-actions[bot]@users.noreply.github.com",
+			Name:  "vexxhost-bot",
+			Email: "mnaser+bot@vexxhost.com",
 			When:  time.Now(),
 		},
 	})
@@ -270,9 +299,10 @@
 	}
 
 	err = repo.Push(&git.PushOptions{
-		Auth:     i.gitAuth,
-		RefSpecs: []config.RefSpec{"refs/heads/sync/atmosphere-ci:refs/heads/sync/atmosphere-ci"},
-		Force:    true,
+		Auth:       i.gitAuth,
+		RefSpecs:   []config.RefSpec{"refs/heads/*:refs/heads/*"},
+		RemoteName: "origin",
+		Force:      true,
 	})
 	if err != nil {
 		return err
@@ -287,9 +317,11 @@
 }
 
 func (i *ImageRepository) CreatePullRequest(ctx context.Context, repo *github.Repository, commit plumbing.Hash) error {
+	head := fmt.Sprintf("%s:%s", *repo.Owner.Login, "sync/atmosphere-ci")
+
 	newPR := &github.NewPullRequest{
 		Title: github.String("⚙️ Automatic sync from `atmosphere-ci`"),
-		Head:  github.String("sync/atmosphere-ci"),
+		Head:  github.String(head),
 		Base:  github.String("main"),
 		Body:  github.String("This is an automatic pull request from `atmosphere-ci`"),
 	}
@@ -304,7 +336,7 @@
 		return nil
 	}
 
-	pr, resp, err := i.githubClient.PullRequests.Create(ctx, *repo.Owner.Login, *repo.Name, newPR)
+	pr, resp, err := i.githubClient.PullRequests.Create(ctx, "vexxhost", *repo.Name, newPR)
 	if err != nil && resp.StatusCode != http.StatusUnprocessableEntity {
 		return err
 	}
diff --git a/internal/pkg/image_repositories/sync_workflow.go b/internal/pkg/image_repositories/sync_workflow.go
index 3a1959c..5e9eede 100644
--- a/internal/pkg/image_repositories/sync_workflow.go
+++ b/internal/pkg/image_repositories/sync_workflow.go
@@ -49,7 +49,7 @@
 						Name: "Synchronize Image Repository",
 						Run:  fmt.Sprintf("go run ./cmd/atmosphere-ci image repo sync %s", project),
 						Environment: map[string]string{
-							"GITHUB_TOKEN": "${{ secrets.GITHUB_TOKEN }}",
+							"GITHUB_TOKEN": "${{ secrets.BOT_TOKEN }}",
 						},
 					},
 				},