diff --git a/doc/source/general-roles.rst b/doc/source/general-roles.rst
index 7a18505a8..0f50d8b9c 100644
--- a/doc/source/general-roles.rst
+++ b/doc/source/general-roles.rst
@@ -30,6 +30,7 @@ General Purpose Roles
 .. zuul:autorole:: start-zuul-console
 .. zuul:autorole:: test-setup
 .. zuul:autorole:: trigger-readthedocs
+.. zuul:autorole:: upload-git-mirror
 .. zuul:autorole:: validate-dco-license
 .. zuul:autorole:: validate-host
 .. zuul:autorole:: version-from-git
diff --git a/roles/upload-git-mirror/README.rst b/roles/upload-git-mirror/README.rst
new file mode 100644
index 000000000..34a998ed1
--- /dev/null
+++ b/roles/upload-git-mirror/README.rst
@@ -0,0 +1,30 @@
+Mirrors a git repository to a remote git server
+
+Meant to be used after a change was successfully merged, this role mirrors a
+tested git repository to a remote git server over SSH.
+
+The role assumes that git has been previously installed and does not require
+superuser privileges to run.
+
+**Role Variables**
+
+.. zuul:rolevar:: git_mirror_credentials
+
+   Dictionary that provides the remote git repository credentials
+
+  .. zuul:rolevar:: user
+
+     SSH user for the remote git repository
+
+  .. zuul:rolevar:: host
+
+     SSH host for the remote git repository
+
+  .. zuul:rolevar:: key
+
+     Literal private key contents.
+     Should start with something like ``-----BEGIN RSA PRIVATE KEY-----``.
+
+.. zuul:rolevar:: repository
+
+   Path of the remote git repository
\ No newline at end of file
diff --git a/roles/upload-git-mirror/defaults/main.yaml b/roles/upload-git-mirror/defaults/main.yaml
new file mode 100644
index 000000000..84eb22142
--- /dev/null
+++ b/roles/upload-git-mirror/defaults/main.yaml
@@ -0,0 +1,9 @@
+---
+# git push --mirror {{ git_mirror_credentials.user }}@{{ git_mirror_credentials.host }}:{{ git_mirror_credentials.repository }}
+# git_mirror_credentials:
+#   user:
+#   host:
+#   key:
+
+# Repository to replicate to
+# git_mirror_repository:
diff --git a/roles/upload-git-mirror/tasks/main.yaml b/roles/upload-git-mirror/tasks/main.yaml
new file mode 100644
index 000000000..06cbb00e8
--- /dev/null
+++ b/roles/upload-git-mirror/tasks/main.yaml
@@ -0,0 +1,47 @@
+- block:
+    - name: Create SSH private key tempfile
+      tempfile:
+        state: file
+      register: ssh_private_key_tmp
+
+    - name: Set up private key
+      copy:
+        content: "{{ git_mirror_credentials.key }}"
+        dest: "{{ ssh_private_key_tmp.path }}"
+        mode: 0600
+
+    - name: Generate SSH configuration
+      set_fact:
+        ssh_config: |
+            host {{ git_mirror_credentials.host }}
+              HostName {{ git_mirror_credentials.host }}
+              IdentityFile {{ ssh_private_key_tmp.path }}
+              User {{ git_mirror_credentials.user }}
+
+    - name: Write SSH configuration to ~/.ssh/config
+      blockinfile:
+        state: present
+        path: "{{ ansible_user_dir }}/.ssh/config"
+        create: yes
+        mode: 0600
+        block: "{{ ssh_config }}"
+
+    - name: Mirror the git repository
+      command: git push --mirror {{ git_mirror_credentials.user }}@{{ git_mirror_credentials.host }}:{{ git_mirror_repository }}
+      args:
+        chdir: "{{ ansible_user_dir }}/{{ zuul.project.src_dir }}"
+      tags:
+        - skip_ansible_lint
+  always:
+    # Registered variables below are only used for integration testing
+    - name: Remove SSH private key from disk
+      command: "shred --remove {{ ssh_private_key_tmp.path }}"
+      register: git_mirror_key_removed
+
+    - name: Remove SSH configuration in ~/.ssh/config
+      blockinfile:
+        state: absent
+        path: "{{ ansible_user_dir }}/.ssh/config"
+        mode: 0600
+        block: "{{ ssh_config }}"
+      register: git_mirror_ssh_config_removed