Skip to content

Commit

Permalink
fix: dont run workflows outside of npm org (#194)
Browse files Browse the repository at this point in the history
This adds a `if: github.repository_owner == 'npm'` to each workflow so
they don't run outside of the npm organization by default.

Closes #182
  • Loading branch information
lukekarrys committed Sep 15, 2022
1 parent 849cecc commit ffa2c08
Show file tree
Hide file tree
Showing 15 changed files with 48 additions and 31 deletions.
1 change: 1 addition & 0 deletions .github/workflows/audit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ on:

jobs:
audit:
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ on:

jobs:
lint:
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand All @@ -34,6 +35,7 @@ jobs:
- run: npm run lint

test:
if: github.repository_owner == 'npm'
strategy:
fail-fast: false
matrix:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/post-dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,8 @@ permissions:

jobs:
template-oss-apply:
if: github.repository_owner == 'npm' && github.actor == 'dependabot[bot]'
runs-on: ubuntu-latest
if: github.actor == 'dependabot[bot]'
steps:
- uses: actions/checkout@v3
with:
Expand Down
1 change: 1 addition & 0 deletions .github/workflows/pull-request.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ on:
jobs:
check:
name: Check PR Title or Commits
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand Down
3 changes: 2 additions & 1 deletion .github/workflows/release-please.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ jobs:
outputs:
pr: ${{ steps.release.outputs.pr }}
release: ${{ steps.release.outputs.release }}
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand Down Expand Up @@ -79,7 +80,7 @@ jobs:

post-release:
needs: release-please
if: needs.release-please.outputs.release
if: github.repository_owner == 'npm' && needs.release-please.outputs.release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ on:

jobs:
lint-all:
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand All @@ -30,6 +31,7 @@ jobs:
- run: npm run lint -ws -iwr --if-present

test-all:
if: github.repository_owner == 'npm'
strategy:
fail-fast: false
matrix:
Expand Down
1 change: 1 addition & 0 deletions lib/content/_setup-job-matrix.yml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
if: github.repository_owner == 'npm'
strategy:
fail-fast: false
matrix:
Expand Down
1 change: 1 addition & 0 deletions lib/content/_setup-job.yml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
if: github.repository_owner == 'npm' {{~#if jobIf}} && {{{jobIf}}}{{/if}}
runs-on: ubuntu-latest
steps:
{{> setupGit}}
Expand Down
6 changes: 1 addition & 5 deletions lib/content/audit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,9 +8,5 @@ on:

jobs:
audit:
runs-on: ubuntu-latest
steps:
{{> setupGit}}
{{> setupNode}}
{{> setupDeps flags="--package-lock"}}
{{> setupJob flags="--package-lock"}}
- run: {{rootNpmPath}} audit
7 changes: 1 addition & 6 deletions lib/content/post-dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,12 +9,7 @@ permissions:

jobs:
template-oss-apply:
runs-on: ubuntu-latest
if: github.actor == 'dependabot[bot]'
steps:
{{> setupGit checkout=(obj ref="${{ github.event.pull_request.head_ref }}")}}
{{> setupNode}}
{{> setupDeps}}
{{> setupJob jobIf="github.actor == 'dependabot[bot]'" checkout=(obj ref="${{ github.event.pull_request.head_ref }}")}}
- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@v1.1.1
Expand Down
6 changes: 1 addition & 5 deletions lib/content/pull-request.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,11 +11,7 @@ on:
jobs:
check:
name: Check PR Title or Commits
runs-on: ubuntu-latest
steps:
{{> setupGit checkout=(obj fetch-depth=0)}}
{{> setupNode}}
{{> setupDeps}}
{{> setupJob checkout=(obj fetch-depth=0)}}
- name: Check commits or PR title
env:
PR_TITLE: $\{{ github.event.pull_request.title }}
Expand Down
3 changes: 1 addition & 2 deletions lib/content/release-please.yml
Original file line number Diff line number Diff line change
Expand Up @@ -56,8 +56,7 @@ jobs:

post-release:
needs: release-please
if: needs.release-please.outputs.release
{{> setupJob }}
{{> setupJob jobIf="needs.release-please.outputs.release" }}
- name: Post release actions
env:
GITHUB_TOKEN: $\{{ secrets.GITHUB_TOKEN }}
Expand Down
6 changes: 1 addition & 5 deletions lib/content/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,11 +10,7 @@ on:

jobs:
lint-all:
runs-on: ubuntu-latest
steps:
{{> setupGit checkout=(obj ref="${{ inputs.ref }}")}}
{{> setupNode}}
{{> setupDeps}}
{{> setupJob checkout=(obj ref="${{ inputs.ref }}")}}
- run: {{rootNpmPath}} run lint -ws -iwr --if-present

test-all:
Expand Down
35 changes: 30 additions & 5 deletions tap-snapshots/test/apply/source-snapshots.js.test.cjs
Original file line number Diff line number Diff line change
Expand Up @@ -177,6 +177,7 @@ on:
jobs:
audit:
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand Down Expand Up @@ -214,6 +215,7 @@ on:
jobs:
lint:
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand All @@ -231,6 +233,7 @@ jobs:
- run: npm run lint
test:
if: github.repository_owner == 'npm'
strategy:
fail-fast: false
matrix:
Expand Down Expand Up @@ -345,8 +348,8 @@ permissions:
jobs:
template-oss-apply:
if: github.repository_owner == 'npm' && github.actor == 'dependabot[bot]'
runs-on: ubuntu-latest
if: github.actor == 'dependabot[bot]'
steps:
- uses: actions/checkout@v3
with:
Expand Down Expand Up @@ -394,6 +397,7 @@ on:
jobs:
check:
name: Check PR Title or Commits
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand Down Expand Up @@ -438,6 +442,7 @@ jobs:
outputs:
pr: \${{ steps.release.outputs.pr }}
release: \${{ steps.release.outputs.release }}
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand Down Expand Up @@ -500,7 +505,7 @@ jobs:
post-release:
needs: release-please
if: needs.release-please.outputs.release
if: github.repository_owner == 'npm' && needs.release-please.outputs.release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand Down Expand Up @@ -536,6 +541,7 @@ on:
jobs:
lint-all:
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand All @@ -555,6 +561,7 @@ jobs:
- run: npm run lint -ws -iwr --if-present
test-all:
if: github.repository_owner == 'npm'
strategy:
fail-fast: false
matrix:
Expand Down Expand Up @@ -963,6 +970,7 @@ on:
jobs:
audit:
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand Down Expand Up @@ -1004,6 +1012,7 @@ on:
jobs:
lint:
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand All @@ -1021,6 +1030,7 @@ jobs:
- run: npm run lint -w a
test:
if: github.repository_owner == 'npm'
strategy:
fail-fast: false
matrix:
Expand Down Expand Up @@ -1099,6 +1109,7 @@ on:
jobs:
lint:
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand All @@ -1116,6 +1127,7 @@ jobs:
- run: npm run lint -w b
test:
if: github.repository_owner == 'npm'
strategy:
fail-fast: false
matrix:
Expand Down Expand Up @@ -1196,6 +1208,7 @@ on:
jobs:
lint:
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand All @@ -1213,6 +1226,7 @@ jobs:
- run: npm run lint
test:
if: github.repository_owner == 'npm'
strategy:
fail-fast: false
matrix:
Expand Down Expand Up @@ -1327,8 +1341,8 @@ permissions:
jobs:
template-oss-apply:
if: github.repository_owner == 'npm' && github.actor == 'dependabot[bot]'
runs-on: ubuntu-latest
if: github.actor == 'dependabot[bot]'
steps:
- uses: actions/checkout@v3
with:
Expand Down Expand Up @@ -1376,6 +1390,7 @@ on:
jobs:
check:
name: Check PR Title or Commits
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand Down Expand Up @@ -1420,6 +1435,7 @@ jobs:
outputs:
pr: \${{ steps.release.outputs.pr }}
release: \${{ steps.release.outputs.release }}
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand Down Expand Up @@ -1482,7 +1498,7 @@ jobs:
post-release:
needs: release-please
if: needs.release-please.outputs.release
if: github.repository_owner == 'npm' && needs.release-please.outputs.release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand Down Expand Up @@ -1518,6 +1534,7 @@ on:
jobs:
lint-all:
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand All @@ -1537,6 +1554,7 @@ jobs:
- run: npm run lint -ws -iwr --if-present
test-all:
if: github.repository_owner == 'npm'
strategy:
fail-fast: false
matrix:
Expand Down Expand Up @@ -1964,6 +1982,7 @@ on:
jobs:
lint:
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand All @@ -1981,6 +2000,7 @@ jobs:
- run: npm run lint -w a
test:
if: github.repository_owner == 'npm'
strategy:
fail-fast: false
matrix:
Expand Down Expand Up @@ -2059,6 +2079,7 @@ on:
jobs:
lint:
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand All @@ -2076,6 +2097,7 @@ jobs:
- run: npm run lint -w b
test:
if: github.repository_owner == 'npm'
strategy:
fail-fast: false
matrix:
Expand Down Expand Up @@ -2150,6 +2172,7 @@ jobs:
outputs:
pr: \${{ steps.release.outputs.pr }}
release: \${{ steps.release.outputs.release }}
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand Down Expand Up @@ -2212,7 +2235,7 @@ jobs:
post-release:
needs: release-please
if: needs.release-please.outputs.release
if: github.repository_owner == 'npm' && needs.release-please.outputs.release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand Down Expand Up @@ -2248,6 +2271,7 @@ on:
jobs:
lint-all:
if: github.repository_owner == 'npm'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand All @@ -2267,6 +2291,7 @@ jobs:
- run: npm run lint -ws -iwr --if-present
test-all:
if: github.repository_owner == 'npm'
strategy:
fail-fast: false
matrix:
Expand Down
Loading

0 comments on commit ffa2c08

Please sign in to comment.