From e0dbbc747f7e9edc2e836d987fc6798751aada46 Mon Sep 17 00:00:00 2001
From: Nolan Brubaker <brubakern@vmware.com>
Date: Tue, 22 Sep 2020 18:04:50 -0400
Subject: [PATCH] Don't attempt to publish docker images on forks (#2953)

* Don't attempt to publish docker images on forks

When the Main CI workflow runs on a fork, the docker push step will
always fail because the appropriate secrets are missing. This is
annoying at best and causes CI on forks to be untrustworthy at worst.

Signed-off-by: Nolan Brubaker <brubakern@vmware.com>

* Use single quotes for string, as github expects

Signed-off-by: Nolan Brubaker <brubakern@vmware.com>
---
 .github/workflows/push-builder.yml | 2 ++
 .github/workflows/push.yml         | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/.github/workflows/push-builder.yml b/.github/workflows/push-builder.yml
index 5f702042e..ef257ae8c 100644
--- a/.github/workflows/push-builder.yml
+++ b/.github/workflows/push-builder.yml
@@ -17,7 +17,9 @@ jobs:
     - name: Build
       run: make build-image
 
+    # Only try to publish the container image from the root repo; forks don't have permission to do so and will always get failures.
     - name: Publish container image
+      if: github.repository == 'vmware-tanzu/velero'
       run: |
         docker login -u ${{ secrets.DOCKER_USER }} -p ${{ secrets.DOCKER_PASSWORD }}
        
diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
index 51cd16258..2e0f1ac4f 100644
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@@ -35,7 +35,9 @@ jobs:
     - name: Test
       run: make test
 
+    # Only try to publish the container image from the root repo; forks don't have permission to do so and will always get failures.
     - name: Publish container image
+      if: github.repository == 'vmware-tanzu/velero'
       run: |
         docker login -u ${{ secrets.DOCKER_USER }} -p ${{ secrets.DOCKER_PASSWORD }}
         ./hack/docker-push.sh