From cd0c0ab416aea08b8889590c48eba21eb03cec7a Mon Sep 17 00:00:00 2001 From: zwitschi Date: Fri, 14 Nov 2025 19:21:48 +0100 Subject: [PATCH] fix(ci-build): update conditions for push permissions in CI workflow --- .gitea/workflows/ci-build.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.gitea/workflows/ci-build.yml b/.gitea/workflows/ci-build.yml index 99456a5..dac73a7 100644 --- a/.gitea/workflows/ci-build.yml +++ b/.gitea/workflows/ci-build.yml @@ -27,10 +27,10 @@ jobs: event_name="${GITHUB_EVENT_NAME:-}" sha="${GITHUB_SHA:-}" - if [ "$ref_name" = "${DEFAULT_BRANCH:-main}" ]; then - echo "on_default=true" >> "$GITHUB_OUTPUT" + if [ "$ref_name" = "${DEFAULT_BRANCH:-main}" ] && [ "$event_name" != "pull_request" ]; then + echo "allow_push=true" >> "$GITHUB_OUTPUT" else - echo "on_default=false" >> "$GITHUB_OUTPUT" + echo "allow_push=false" >> "$GITHUB_OUTPUT" fi echo "ref_name=$ref_name" >> "$GITHUB_OUTPUT" @@ -41,7 +41,7 @@ jobs: uses: docker/setup-buildx-action@v3 - name: Log in to gitea registry - if: ${{ steps.meta.outputs.on_default == 'true' }} + if: ${{ steps.meta.outputs.allow_push == 'true' }} uses: docker/login-action@v3 continue-on-error: true with: @@ -55,7 +55,7 @@ jobs: REGISTRY_URL: ${{ env.REGISTRY_URL }} REGISTRY_CONTAINER_NAME: ${{ env.REGISTRY_CONTAINER_NAME }} SHA_TAG: ${{ steps.meta.outputs.sha }} - PUSH_IMAGE: ${{ steps.meta.outputs.on_default == 'true' && steps.meta.outputs.event_name != 'pull_request' && env.REGISTRY_URL != '' && env.REGISTRY_USERNAME != '' && env.REGISTRY_PASSWORD != '' }} + PUSH_IMAGE: ${{ steps.meta.outputs.allow_push == 'true' && env.REGISTRY_URL != '' && env.REGISTRY_USERNAME != '' && env.REGISTRY_PASSWORD != '' }} run: | set -eo pipefail LOG_FILE=build.log