szepeviktor
commented
3 months ago @jaydrogers There is a GHA context boolean variable for that
if: ${{ github.event_name == 'pull_request' && ! github.event.pull_request.head.repo.fork }}Closed jaydrogers closed 2 months ago
szepeviktor
commented
3 months ago @jaydrogers There is a GHA context boolean variable for that
if: ${{ github.event_name == 'pull_request' && ! github.event.pull_request.head.repo.fork }}
jaydrogers
commented
3 months ago Thanks! I had something similar with that, but the problem I was running into was uploading to a registry dedicated for testing.
I don't want any possibility of giving away my production credentials and I attempted to even use GHA only, but that ran into permissions errors with the GHA token.
My other thought was to create a special user for DockerHub, but even with that, PRs don't have access to secrets -- meaning I would have to use unencrypted variables 😅
szepeviktor
commented
3 months ago No, PR-s from forks should simply not publish Docker images.
szepeviktor
commented
3 months ago Here is a how to dump a GHA context. https://github.com/szepeviktor/byte-level-care/blob/master/.github/workflows/workflow.yml#L48-L63
There are a dozen of them. https://docs.github.com/en/actions/learn-github-actions/contexts
jaydrogers
commented
3 months ago I was thinking of having it create an image then dump it to a tar as an artifact?
It would just be nice to have a single source of truth for me to collaborate with someone.
That's why I was thinking some separate repository with totally separate credentials.
jaydrogers
commented
2 months ago This has been fixed and GitHub Actions will only run if it is a PR from the main repository 👍
Problem
Examples
Proposed Solution