From 7aa0b1810724c8cb165a5fb4563d67fe04bcc01c Mon Sep 17 00:00:00 2001
From: WaterLemons2k <62788816+WaterLemons2k@users.noreply.github.com>
Date: Wed, 12 Apr 2023 23:58:59 +0800
Subject: [PATCH] ci: success in forked repository (#670)

There're two workflows in forked repository that will fail: `docker-image.yml` and `release.yml`.

`docker-image.yml` fails because the secrets it needs does not exist in forked repository. Running it only in the `jeessy2/ddns-go` repository to fix this.

`release.yml` fails because the default `GITHUB_TOKEN` permission is now read-only. Add `contents: write` to fix this.

References:
- https://docs.github.com/actions/using-workflows/workflow-syntax-for-github-actions#example-only-run-job-for-specific-repository
- https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/
- https://github.com/goreleaser/goreleaser-action#environment-variables
---
 .github/workflows/docker-image.yml | 1 +
 .github/workflows/release.yml      | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
index ee1638a98..74e4bbe14 100644
--- a/.github/workflows/docker-image.yml
+++ b/.github/workflows/docker-image.yml
@@ -10,6 +10,7 @@ on:
  
 jobs:
   buildx-dockerhub:
+    if: github.repository == 'jeessy2/ddns-go'
     runs-on: ubuntu-latest
     env:
       DOCKER_REPO: ${{ secrets.DOCKER_USERNAME }}/ddns-go
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index a900394d0..25d8da531 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -6,6 +6,9 @@ on:
     tags:
     - 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10
 
+permissions:
+  contents: write
+
 jobs:
   goreleaser:
     name: Build