From 4b1505abb72431aa3bd5d0d2e9e00d5c84ed1565 Mon Sep 17 00:00:00 2001 From: fkwp Date: Wed, 10 Apr 2024 19:33:58 +0000 Subject: [PATCH] limit docker image creation to element-hq/element-call PRs only --- .github/workflows/docker-pr.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker-pr.yaml b/.github/workflows/docker-pr.yaml index c42458a4..4c22b9be 100644 --- a/.github/workflows/docker-pr.yaml +++ b/.github/workflows/docker-pr.yaml @@ -1,4 +1,6 @@ name: Docker PR Preview +# Note pushing docker images is not possible from a public forked repo (see: Can't push to ghcr on a pull request, https://github.com/docker/build-push-action/issues/870) +# Hence, this workflow is limited to PRs from element-hq/element-call on: pull_request: @@ -14,10 +16,11 @@ env: # and not wanting to workaround like https://stackoverflow.com/questions/73797254/environment-variables-in-github-actions/74217028#74217028 # we disable for now a gloabl env variable since env is not available in job.if # DO_DOCKER_BUILD: ${{ contains(github.event.pull_request.labels.*.name, 'docker build') }} + # NOT_FROM_FORK: ${{ github.event.pull_request.head.repo.full_name == github.repository }} jobs: build_element_call: - if: ${{ contains(github.event.pull_request.labels.*.name, 'docker build') }} + if: ${{ contains(github.event.pull_request.labels.*.name, 'docker build') && github.event.pull_request.head.repo.full_name == github.repository }} uses: ./.github/workflows/build_resuable.yaml secrets: SENTRY_ORG: ${{ secrets.SENTRY_ORG }} @@ -26,7 +29,7 @@ jobs: SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} build_docker: - if: ${{ contains(github.event.pull_request.labels.*.name, 'docker build') }} + if: ${{ contains(github.event.pull_request.labels.*.name, 'docker build') && github.event.pull_request.head.repo.full_name == github.repository }} needs: build_element_call runs-on: ubuntu-latest permissions: