Disable certain actions from running on forks (#23747)

* Disable certain actions from running on forks * Address some feedback * Check for forks in build-docker job
2025-02-25 18:55:24 -06:00 · 2023-08-08 16:45:24 -04:00 · 2023-08-08 16:45:24 -04:00 · 0e30d0abb8
commit 0e30d0abb8
parent e1c6ae7d85
5 changed files with 8 additions and 2 deletions
--- a/.github/workflows/artifacts.yml
+++ b/.github/workflows/artifacts.yml
@ -9,7 +9,7 @@ jobs:
  upload-s3:
    name: cd/Upload artifacts to S3
    runs-on: ubuntu-22.04
-    if: github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success'
+    if: github.repository_owner == 'mattermost' && github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success'
    steps:
      - name: cd/Configure AWS
        uses: aws-actions/configure-aws-credentials@07c2f971bac433df982ccc261983ae443861db49 # v1-node16
@ -36,7 +36,7 @@ jobs:
    name: cd/Build and push docker image
    needs: upload-s3
    runs-on: ubuntu-22.04
-    if: github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success'
+    if: github.repository_owner == 'mattermost' && github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success'
    steps:
      - name: cd/Login to Docker Hub
        uses: docker/login-action@3da7dc6e2b31f99ef2cb9fb4c50fb0971e0d0139 # v2.1.0
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@ -15,6 +15,7 @@ jobs:
    permissions:
      security-events: write  # for github/codeql-action/autobuild to send a status report
    name: Analyze
+    if: github.repository_owner == 'mattermost'
    runs-on: ubuntu-latest

    strategy:
--- a/.github/workflows/docker-push-mirrored.yml
+++ b/.github/workflows/docker-push-mirrored.yml
@ -10,6 +10,7 @@ on:
 jobs:
  build-docker:
    name: cd/Push mirrored docker images
+    if: github.repository_owner == 'mattermost'
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout mattermost project
--- a/.github/workflows/esrupgrade.yml
+++ b/.github/workflows/esrupgrade.yml
@ -13,6 +13,7 @@ on:
 jobs:
  esr-upgrade-5_37-7_8:
    name: Run ESR upgrade script from 5.37 to 7.8
+    if: github.repository_owner == 'mattermost'
    uses: ./.github/workflows/esrupgrade-common.yml
    with:
      db-dump-url: https://lt-public-data.s3.amazonaws.com/47K_537_mysql_collationfixed.sql.gz
@ -20,6 +21,7 @@ jobs:
      final-version: 7.8
  esr-upgrade-5_37-6_3:
    name: Run ESR upgrade script from 5.37 to 6.3
+    if: github.repository_owner == 'mattermost'
    uses: ./.github/workflows/esrupgrade-common.yml
    with:
      db-dump-url: https://lt-public-data.s3.amazonaws.com/47K_537_mysql_collationfixed.sql.gz
@ -27,6 +29,7 @@ jobs:
      final-version: 6.3
  esr-upgrade-6_3-7_8:
    name: Run ESR upgrade script from 6.3 to 7.8
+    if: github.repository_owner == 'mattermost'
    uses: ./.github/workflows/esrupgrade-common.yml
    with:
      db-dump-url: https://lt-public-data.s3.amazonaws.com/47K_63_mysql.sql.gz
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@ -11,6 +11,7 @@ permissions: read-all
 jobs:
  analysis:
    name: Scorecards analysis
+    if: github.repository_owner == 'mattermost'
    runs-on: ubuntu-latest
    permissions:
      # Needed to upload the results to code-scanning dashboard.