ci: don't run membrowse workflows on forks

julek-wolfssl · julek-wolfssl · commit 49c55f440160 · 2026-06-01T17:36:26.000+02:00
The report job runs on a nightly schedule and would also fire on any
fork with Actions enabled, burning fork CI minutes and reporting fork
builds to the membrowse backend. Guard the jobs with
github.repository_owner == 'wolfssl', matching tls-anvil.yml and
coverity-scan-fixes.yml.
diff --git a/.github/workflows/membrowse-onboard.yml b/.github/workflows/membrowse-onboard.yml
@@ -11,6 +11,9 @@ on:
 
 jobs:
   load-targets:
+    # Only run from the wolfssl org to avoid burning forks' CI minutes
+    # and reporting fork builds to the membrowse backend.
+    if: github.repository_owner == 'wolfssl'
     runs-on: ubuntu-24.04
     timeout-minutes: 10
     outputs:
@@ -25,6 +28,7 @@ jobs:
 
   onboard:
     needs: load-targets
+    if: github.repository_owner == 'wolfssl'
     runs-on: ubuntu-24.04
     timeout-minutes: 10
     strategy:
diff --git a/.github/workflows/membrowse-report.yml b/.github/workflows/membrowse-report.yml
@@ -15,6 +15,9 @@ concurrency:
 
 jobs:
   load-targets:
+    # Only run from the wolfssl org to avoid burning forks' CI minutes
+    # and reporting fork builds to the membrowse backend.
+    if: github.repository_owner == 'wolfssl'
     runs-on: ubuntu-24.04
     timeout-minutes: 10
     outputs:
@@ -29,6 +32,7 @@ jobs:
 
   analyze:
     needs: load-targets
+    if: github.repository_owner == 'wolfssl'
     runs-on: ubuntu-24.04
     timeout-minutes: 10
     strategy:
