Prevent CI jobs with secrets from running in forks

These Github actions will run only in the upstream repository CLA: trivial Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/27275)
2025-04-04 10:50:22 +02:00 · 2025-04-04 10:50:22 +02:00 · ee52d7d327
parent 28de1f5004
commit ee52d7d327
4 changed files with 4 additions and 0 deletions
--- a/.github/workflows/build_quic_interop_container.yml
+++ b/.github/workflows/build_quic_interop_container.yml
@ -7,6 +7,7 @@ on:

 jobs:
  update_quay_container:
+    if: github.repository == 'openssl/openssl'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
--- a/.github/workflows/deploy-docs-openssl-org.yml
+++ b/.github/workflows/deploy-docs-openssl-org.yml
@ -10,6 +10,7 @@ on:

 jobs:
  trigger:
+    if: github.repository == 'openssl/openssl'
    runs-on: ubuntu-latest
    steps:
      - name: "Trigger deployment workflow"
--- a/.github/workflows/static-analysis-on-prem.yml
+++ b/.github/workflows/static-analysis-on-prem.yml
@ -17,6 +17,7 @@ permissions:

 jobs:
  coverity-analysis:
+    if: github.repository == 'openssl/openssl'
    runs-on: ubuntu-latest
    container: quay.io/openssl-ci/coverity-analysis:2024.3.1
    steps:
--- a/.github/workflows/static-analysis.yml
+++ b/.github/workflows/static-analysis.yml
@ -18,6 +18,7 @@ permissions:

 jobs:
  coverity:
+    if: github.repository == 'openssl/openssl'
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4