Skip to content

Commit

Permalink
Add condition on "deploy" step to only trigger on forks (#32)
Browse files Browse the repository at this point in the history 
see DISCLAIMER comment
add required secrets in comment

On main branch the condition on the deploy step was:
github.event_name == 'push' || github.event_name == 'workflow_dispatch'

It must be resolved given that we want to avoid triggering on forks (due
to possibly missing secrets leading to failing workflow)
it then become:
(github.event_name == 'push' && github.event.repository.fork == 'false') || github.event_name == 'workflow_dispatch'
    <==>
If it is a classic push:
 - on fork *do not* trigger deployment
 - on base repo trigger deployment
But if it is manually triggered, execute deployment step anyway
maybe we're on fork maybe we're not but this is user triggered so it the
user's responsability anyway.
  • Loading branch information
@ctmbl
ctmbl committed Apr 14, 2024
1 parent 9f1ba53 commit c157dfb
Showing 1 changed file with 15 additions and 2 deletions.
17 changes: 15 additions & 2 deletions .github/workflows/build_and_deploy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,10 +39,23 @@ jobs:
path: ./build/blog

# Deployment job: heavily inspired from https://swharden.com/blog/2022-03-20-github-actions-hugo/
# /!\ only triggers on push events and manually triggered
# /!\ only triggers on (push events AND non-fork repos) OR manually triggered
## Required secrets:
# - SSH_KNOWN_HOSTS
# - PRIVATE_SSH_KEY
# - CI_USER_NAME
# - STATIC_WEBSITE_PATH
deploy:
needs: [build]
if: ${{ github.event_name == 'push' || github.event_name == 'workflow_dispatch' }}
# DISCLAIMER:
# The following is a very POOR solution to avoid *failing deploy step* due to missing secrets
# on fork repositories, but sadly the `env` context is not accessible from `jobs.<job_id>.if`:
# https://docs.github.com/en/actions/learn-github-actions/contexts#context-availability
#
# If for any reason you want to trigger this step on your fork remove the following line,
# trigger manually or open an issue https://github.com/iScsc/blog.iscsc.fr/issues,
# we'll find a better way to skip this step.
if: ${{ (github.event_name == 'push' && github.event.repository.fork == 'false') || github.event_name == 'workflow_dispatch' }}
runs-on: ubuntu-latest
steps:
- name: 🛠️ Setup build directory
Expand Down

0 comments on commit c157dfb

Please sign in to comment.