From 049dd6547b65e8b52ed454c7817d6548b2660bff Mon Sep 17 00:00:00 2001
From: John Kristensen <john.kristensen@nre.tas.gov.au>
Date: Tue, 13 Jun 2023 16:11:11 +1000
Subject: [PATCH] Only push images from bitnami/minideb repository

Make it so that only builds triggered by the `bitnami/minideb`
repository will attempt to push images (because it is the only
repository that has access to the required secrets). This will prevent
builds in forked repositories that don't have access to the secrets from
failing.

Signed-off-by: John Kristensen <john@jerrykan.com>
---
 .github/workflows/main.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 16d2f69e..7c35c078 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -56,7 +56,7 @@ jobs:
           platform: "${{ matrix.arch }}"
           is_latest: ${{ matrix.dist == env.LATEST }}
       - name: Push
-        if: github.ref == 'refs/heads/master'
+        if: github.repository == 'bitnami/minideb' && github.ref == 'refs/heads/master'
         env:
           DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
           DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
@@ -71,7 +71,7 @@ jobs:
   deploy_manifests:
     runs-on: ubuntu-22.04
     needs: [ build_multiarch ]
-    if: github.ref == 'refs/heads/master'
+    if: github.repository == 'bitnami/minideb' && github.ref == 'refs/heads/master'
     env:
       DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
       DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
@@ -89,7 +89,7 @@ jobs:
     needs:
       - build_multiarch
       - deploy_manifests
-    if: always()
+    if: github.repository == 'bitnami/minideb'
     name: Notify unsuccessful CI run
     steps:
       - name: Notify in Slack channel