From 2501c9fdd5fa46206f71d1686ddc43487538179b Mon Sep 17 00:00:00 2001
From: John Kristensen <john@jerrykan.com>
Date: Wed, 14 Jun 2023 10:11:36 +1000
Subject: [PATCH] Only push images from bitnami/minideb repository

Make it so that only builds triggered by the `bitnami/minideb`
repository will attempt to push images (because it is the only
repository that has access to the required secrets). This will prevent
builds in forked repositories that don't have access to the secrets from
failing.

Signed-off-by: John Kristensen <john@jerrykan.com>
---
 .github/workflows/main.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 16d2f69e..7c35c078 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -56,7 +56,7 @@ jobs:
           platform: "${{ matrix.arch }}"
           is_latest: ${{ matrix.dist == env.LATEST }}
       - name: Push
-        if: github.ref == 'refs/heads/master'
+        if: github.repository == 'bitnami/minideb' && github.ref == 'refs/heads/master'
         env:
           DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
           DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
@@ -71,7 +71,7 @@ jobs:
   deploy_manifests:
     runs-on: ubuntu-22.04
     needs: [ build_multiarch ]
-    if: github.ref == 'refs/heads/master'
+    if: github.repository == 'bitnami/minideb' && github.ref == 'refs/heads/master'
     env:
       DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
       DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
@@ -89,7 +89,7 @@ jobs:
     needs:
       - build_multiarch
       - deploy_manifests
-    if: always()
+    if: github.repository == 'bitnami/minideb'
     name: Notify unsuccessful CI run
     steps:
       - name: Notify in Slack channel