Changes based on the review comments

amulyavarote · amulyavarote · commit ed636ec0535f · 2022-03-15T10:04:39.000-07:00
Signed-off-by: Amulya Varote &lt;amulyavarote@QTM-SWATHIKIL-1.redmond.corp.microsoft.com&gt;
diff --git a/.github/workflows/fossa.yaml b/.github/workflows/fossa.yaml
@@ -6,28 +6,27 @@ on:
     branches:
       - master
       - release-*
-      - feature/*
     tags:
       - v*
   pull_request:
     branches:
       - master
       - release-*
-      - feature/*
   workflow_dispatch: {}
 jobs:
   fossa-scan:
+    if: github.repository_owner == 'dapr' # FOSSA is not intended to run on forks.
     runs-on: ubuntu-latest
     env:
-      FOSSA_API_KEY: b88e1f4287c3108c8751bf106fb46db6 
+      FOSSA_API_KEY: b88e1f4287c3108c8751bf106fb46db6 # This is a PUSH ONLY token that is safe to be shared with the public
     steps:
       - name: "Checkout code"
         uses: actions/checkout@v3
 
       - name: "Run FOSSA Scan"
         uses: fossas/fossa-action@main # Use a specific version if locking is preferred
         with:
-          api-key: ${{ env.FOSSA_API_KEY }} # This is a PUSH ONLY token that is safe to be shared with the public
+          api-key: ${{ env.FOSSA_API_KEY }}
           
       - name: "Run FOSSA Test"
         uses: fossas/fossa-action@main # Use a specific version if locking is preferred
