From 061586562452b79613c0a0eff3f92b3ae6ad406f Mon Sep 17 00:00:00 2001 From: ivan-aksamentov Date: Wed, 31 Jan 2024 19:51:27 +0100 Subject: [PATCH] chore: disable bot's commit & push in forks --- .github/workflows/build-and-deploy.yml | 52 ++++++++++++++++++-------- 1 file changed, 36 insertions(+), 16 deletions(-) diff --git a/.github/workflows/build-and-deploy.yml b/.github/workflows/build-and-deploy.yml index 0d3f66373..997e609a6 100644 --- a/.github/workflows/build-and-deploy.yml +++ b/.github/workflows/build-and-deploy.yml @@ -31,11 +31,6 @@ jobs: env: VERBOSE: 0 PYTHONUNBUFFERED: 1 - DATA_AWS_S3_BUCKET: ${{ secrets.DATA_AWS_S3_BUCKET }} - DATA_AWS_CLOUDFRONT_DISTRIBUTION_ID: ${{ secrets.DATA_AWS_CLOUDFRONT_DISTRIBUTION_ID }} - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: us-east-2 GH_TOKEN: ${{ github.token }} steps: @@ -44,7 +39,7 @@ jobs: with: fetch-depth: 0 # Number of commits to fetch. 0 indicates all history for all branches and tags. fetch-tags: true # Whether to fetch tags, even if fetch-depth > 0. - ref: ${{ github.event.pull_request.head.ref || github.ref_name }} + ref: ${{ github.event.pull_request.head.ref || github.ref }} - name: "Install system dependencies" run: | @@ -54,17 +49,26 @@ jobs: run: | pip3 install -r requirements.txt - - name: "Install awscli" + - name: "DEBUG" run: | - pushd /tmp >/dev/null - curl -fsSL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" - unzip -oqq awscliv2.zip - sudo ./aws/install --update - popd >/dev/null - aws --version + set -x + + echo 'github.event.pull_request.head.repo.fork =' ${{ github.event.pull_request.head.repo.fork }} + echo 'github.event.pull_request.head.repo.full_name =' ${{ github.event.pull_request.head.repo.full_name }} + echo 'github.event.pull_request.base.repo.full_name =' ${{ github.event.pull_request.base.repo.full_name }} + echo 'github.event.pull_request.head.repo.full_name || github.event.pull_request.base.repo.full_name =' ${{ github.event.pull_request.head.repo.full_name || github.event.pull_request.base.repo.full_name }} + echo '(github.event.pull_request.head.repo.full_name || github.event.pull_request.base.repo.full_name) == github.repository =' ${{ (github.event.pull_request.head.repo.full_name || github.event.pull_request.base.repo.full_name) == github.repository }} + echo 'github.event.pull_request.head.repo.fork || ((github.event.pull_request.head.repo.full_name || github.event.pull_request.base.repo.full_name) == github.repository) =' ${{ github.event.pull_request.head.repo.fork || ((github.event.pull_request.head.repo.full_name || github.event.pull_request.base.repo.full_name) == github.repository) }} + echo 'github.repository =' ${{ github.repository }} + echo 'github.ref =' ${{ github.ref }} + + - name: "Rebuild datasets (fork)" + if: ${{ github.event.pull_request.head.repo.full_name != github.repository }} + run: | + ./scripts/rebuild --input-dir 'data/' --output-dir 'data_output/' --no-pull - name: "Rebuild, commit and push datasets" - if: github.ref != 'refs/heads/release' + if: ${{ github.event.pull_request.head.repo.full_name == github.repository && github.ref != 'refs/heads/release' }} run: | git config --global user.email "${{ secrets.BOT_GIT_USER_EMAIL }}" git config --global user.name "${{ secrets.BOT_GIT_USER_NAME }}" @@ -72,15 +76,31 @@ jobs: ./scripts/rebuild --input-dir 'data/' --output-dir 'data_output/' --push --repo="${GITHUB_REPOSITORY}" - name: "Rebuild, commit, push and make a release" - if: github.ref == 'refs/heads/release' + if: ${{ github.event.pull_request.head.repo.full_name == github.repository && github.ref == 'refs/heads/release' }} run: | git config --global user.email "${{ secrets.BOT_GIT_USER_EMAIL }}" git config --global user.name "${{ secrets.BOT_GIT_USER_NAME }}" ./scripts/rebuild --input-dir 'data/' --output-dir 'data_output/' --release --repo="${GITHUB_REPOSITORY}" + - name: "Install awscli" + if: ${{ github.event.pull_request.head.repo.full_name == github.repository && (github.ref == 'refs/heads/master' || github.ref == 'refs/heads/staging' || github.ref == 'refs/heads/release') }} + run: | + pushd /tmp >/dev/null + curl -fsSL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" + unzip -oqq awscliv2.zip + sudo ./aws/install --update + popd >/dev/null + aws --version + - name: "Deploy dataset server" - if: ${{ endsWith(github.ref, '/master') || endsWith(github.ref, '/staging') || endsWith(github.ref, '/release') }} + if: ${{ github.event.pull_request.head.repo.full_name == github.repository && (github.ref == 'refs/heads/master' || github.ref == 'refs/heads/staging' || github.ref == 'refs/heads/release') }} + env: + DATA_AWS_S3_BUCKET: ${{ secrets.DATA_AWS_S3_BUCKET }} + DATA_AWS_CLOUDFRONT_DISTRIBUTION_ID: ${{ secrets.DATA_AWS_CLOUDFRONT_DISTRIBUTION_ID }} + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: us-east-2 run: | ./scripts/upload 'data_output/'