Description
Currently, the check_cirrus_cron GitHub Actions workflow (.github/workflows/check_cirrus_cron.yml or similar) can be triggered on forked repositories if a contributor enables GitHub Actions.
The Problem
Because forked repositories do not have access to the upstream repository's secrets (such as SECRET_CIRRUS_API_KEY, ACTION_MAIL_SERVER, ACTION_MAIL_PASSWORD, etc.), the workflow inevitably fails. This causes unnecessary workflow failure notifications and clutters the Actions tab for contributors, creating confusion.
Proposed Soltion
To prevent this, we should restrict the cron_failures job so that it only runs on the upstream repository. We can easily achieve this by adding an if condition at the job level.
jobs:
cron_failures:
# Add this condition to prevent execution on forks
if: github.repository == 'containers/podman'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
with:
# ... remaining code ...
Description
Currently, the check_cirrus_cron GitHub Actions workflow (.github/workflows/check_cirrus_cron.yml or similar) can be triggered on forked repositories if a contributor enables GitHub Actions.
The Problem
Because forked repositories do not have access to the upstream repository's secrets (such as SECRET_CIRRUS_API_KEY, ACTION_MAIL_SERVER, ACTION_MAIL_PASSWORD, etc.), the workflow inevitably fails. This causes unnecessary workflow failure notifications and clutters the Actions tab for contributors, creating confusion.
Proposed Soltion
To prevent this, we should restrict the cron_failures job so that it only runs on the upstream repository. We can easily achieve this by adding an if condition at the job level.