diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 3ffd4ea..6112667 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -25,7 +25,7 @@ jobs: - uses: pre-commit/action@v1.0.1 build-test-push: - if: github.ref == format('refs/heads/{0}', github.event.repository.default_branch) || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository) + if: github.ref == format('refs/heads/{0}', github.event.repository.default_branch) || github.event_name == 'pull_request' runs-on: ubuntu-latest needs: pre-commit permissions: @@ -62,6 +62,8 @@ jobs: # Github does not allow evaluating a secret in an if condition, so we need to set them as environment variables DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} DOCKERHUB_LOGIN: ${{ secrets.DOCKERHUB_LOGIN }} + BOT_TOKEN: ${{ secrets.BOT_TOKEN }} + BOT_LOGIN: ${{ secrets.BOT_LOGIN }} steps: # Image repo names have to be lowercase. - name: Lowercase image repository name @@ -98,8 +100,9 @@ jobs: REGISTRY_USERNAME: ${{ env.DOCKERHUB_LOGIN }} run: ./hooks/push - name: Push Docker Image to GitHub Registry + if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository || env.BOT_TOKEN && env.BOT_LOGIN env: REGISTRY_HOST: ghcr.io - REGISTRY_TOKEN: ${{ secrets.BOT_TOKEN || secrets.GITHUB_TOKEN }} - REGISTRY_USERNAME: ${{ secrets.BOT_LOGIN || github.repository_owner }} + REGISTRY_TOKEN: ${{ secrets.BOT_LOGIN && secrets.BOT_TOKEN || secrets.GITHUB_TOKEN }} + REGISTRY_USERNAME: ${{ secrets.BOT_TOKEN && secrets.BOT_LOGIN || github.repository_owner }} run: ./hooks/push