From 6b8c49b36a8e2c2bd729cd0acc8f9cefde38ec2a Mon Sep 17 00:00:00 2001 From: Erik Martin-Dorel Date: Wed, 13 Oct 2021 17:59:20 +0200 Subject: [PATCH] ci: Ensure the CD-related workflows won't run on forks (#446) * release.yml: Run only upstream * deploy-master.yml: Run only upstream * build-and-test.yml: Run always, but schedules run only upstream * static-builds.yml: Run always, but schedules run only upstream * build-macos.yml: (Kept as is) --- .github/workflows/build-and-test.yml | 3 +++ .github/workflows/deploy-master.yml | 3 +++ .github/workflows/release.yml | 2 +- .github/workflows/static-builds.yml | 2 ++ 4 files changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 9e1f4b144..53e2e3189 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -14,6 +14,7 @@ on: jobs: build_test_server: name: Build learn-ocaml and run tests + if: ${{ github.event_name != 'schedule' || github.repository == 'ocaml-sf/learn-ocaml' }} runs-on: ubuntu-latest steps: - name: Check out the repo @@ -29,6 +30,7 @@ jobs: client_using_other_server: name: Build learn-ocaml-client and run quick tests + if: ${{ github.event_name != 'schedule' || github.repository == 'ocaml-sf/learn-ocaml' }} runs-on: ubuntu-latest strategy: fail-fast: false @@ -53,6 +55,7 @@ jobs: build_extra_tests: name: Run dockerized tests + if: ${{ github.event_name != 'schedule' || github.repository == 'ocaml-sf/learn-ocaml' }} runs-on: ubuntu-latest strategy: fail-fast: false diff --git a/.github/workflows/deploy-master.yml b/.github/workflows/deploy-master.yml index a13428266..836fe1572 100644 --- a/.github/workflows/deploy-master.yml +++ b/.github/workflows/deploy-master.yml @@ -10,6 +10,7 @@ on: jobs: push_server: name: Push learn-ocaml image to Docker Hub + if: ${{ github.repository == 'ocaml-sf/learn-ocaml' }} runs-on: ubuntu-latest steps: - name: Check out the repo @@ -26,6 +27,7 @@ jobs: tags: master push_client: name: Push learn-ocaml-client image to Docker Hub + if: ${{ github.repository == 'ocaml-sf/learn-ocaml' }} runs-on: ubuntu-latest steps: - name: Check out the repo @@ -43,6 +45,7 @@ jobs: tags: master push_emacs_client: name: Push emacs-learn-ocaml-client image to Docker Hub + if: ${{ github.repository == 'ocaml-sf/learn-ocaml' }} needs: push_client runs-on: ubuntu-latest steps: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f832d066e..e49dbd97f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: release-please: name: Create Release runs-on: ubuntu-latest - if: ${{ github.event.workflow_run.conclusion == 'success' }} + if: ${{ github.event.workflow_run.conclusion == 'success' && github.repository == 'ocaml-sf/learn-ocaml'}} outputs: release_created: ${{ steps.release.outputs.release_created }} upload_url: ${{ steps.release.outputs.upload_url }} diff --git a/.github/workflows/static-builds.yml b/.github/workflows/static-builds.yml index 3b39e9d6c..23a417beb 100644 --- a/.github/workflows/static-builds.yml +++ b/.github/workflows/static-builds.yml @@ -14,6 +14,7 @@ on: jobs: static-bin-linux: name: Builds static Linux binaries + if: ${{ github.event_name != 'schedule' || github.repository == 'ocaml-sf/learn-ocaml' }} runs-on: ubuntu-latest strategy: matrix: @@ -43,6 +44,7 @@ jobs: path: ${{ matrix.artifact }} static-bin-macos: name: Builds static Macos binaries + if: ${{ github.event_name != 'schedule' || github.repository == 'ocaml-sf/learn-ocaml' }} runs-on: macos-latest env: OPAMYES: 1