Skip to content
This repository was archived by the owner on Apr 10, 2025. It is now read-only.

Commit 921137f

Browse files
ethanjliethanjli
authored
Don't push container images in PRs from forks (#30)
1 parent 9c87f5b commit 921137f

File tree

1 file changed

+4
-4
lines changed

1 file changed

+4
-4
lines changed

.github/workflows/processing-segmenter-build.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -68,7 +68,7 @@ jobs:
6868
with:
6969
context: ./processing/segmenter
7070
pull: true
71-
push: ${{ github.event_name == 'pull_request' || github.event_name == 'push' || github.event_name == 'push tag' }}
71+
push: ${{ (github.event_name == 'pull_request' && !github.event.pull_request.head.repo.fork) || github.event_name == 'push' || github.event_name == 'push tag' }}
7272
platforms: ${{ matrix.platform }}
7373
tags: ${{ env.REGISTRY_IMAGE }}
7474
labels: ${{ steps.meta.outputs.labels }}
@@ -121,20 +121,20 @@ jobs:
121121

122122
- name: Log in to GitHub Container Registry
123123
uses: docker/login-action@v3
124-
if: github.event_name == 'pull_request' || github.event_name == 'push' || github.event_name == 'push tag'
124+
if: ${{ (github.event_name == 'pull_request' && !github.event.pull_request.head.repo.fork) || github.event_name == 'push' || github.event_name == 'push tag' }}
125125
with:
126126
registry: ghcr.io
127127
username: ${{ github.repository_owner }}
128128
password: ${{ secrets.GITHUB_TOKEN }}
129129

130130
- name: Create manifest list and push
131131
working-directory: /tmp/digests
132-
if: github.event_name == 'pull_request' || github.event_name == 'push' || github.event_name == 'push tag'
132+
if: ${{ (github.event_name == 'pull_request' && !github.event.pull_request.head.repo.fork) || github.event_name == 'push' || github.event_name == 'push tag' }}
133133
run: |
134134
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
135135
$(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
136136
137137
- name: Inspect image
138-
if: github.event_name == 'pull_request' || github.event_name == 'push' || github.event_name == 'push tag'
138+
if: ${{ (github.event_name == 'pull_request' && !github.event.pull_request.head.repo.fork) || github.event_name == 'push' || github.event_name == 'push tag' }}
139139
run: |
140140
docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}

0 commit comments

Comments
 (0)