ci: avoid running some actions on forks (#26937)

nuxt · Apr 26, 2024 · 4173b7a · 4173b7a
1 parent 57e1a60
commit 4173b7a
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 0 deletions.
diff --git a/.github/workflows/reproduire-close.yml b/.github/workflows/reproduire-close.yml
@@ -10,6 +10,7 @@ permissions:
 jobs:
   stale:
     runs-on: ubuntu-latest
+    if: github.event_name == 'workflow_dispatch' || github.repository == 'nuxt/nuxt'
     steps:
       - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v9.0.0
         with:

diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -28,6 +28,7 @@ jobs:
       id-token: write
       contents: read
       actions: read
+    if: github.event_name == 'push' || github.repository == 'nuxt/nuxt'
 
     steps:
       - name: "Checkout code"
@@ -59,6 +60,7 @@ jobs:
       # format to the repository Actions tab.
       - name: "Upload artifact"
         uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
+        if: github.repository == 'nuxt/nuxt' && success()
         with:
           name: SARIF file
           path: results.sarif
@@ -67,5 +69,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
         uses: github/codeql-action/upload-sarif@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
+        if: github.repository == 'nuxt/nuxt' && success()
         with:
           sarif_file: results.sarif