nathan/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2026-06-05 21:03:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

workflows/pull-request-target: don't try to use secrets in pull_request context on Dependabot PRs

Browse Source 
Secrets can't be accessed on dependabot PRs (https://github.com/dependabot/dependabot-core/issues/3253#issuecomment-852541544), so don't try.

(This should be the only change needed, as all other uses of secrets seem to
be conditioned on pull_request not being the current event.)

Fixes (e.g.) https://github.com/NixOS/nixpkgs/actions/runs/25553044633/job/75065769199?pr=518033
This commit is contained in:
Michael Daniels
2026-05-08 14:07:35 -04:00
parent b1a644fbe8
commit f572465c7a
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/pull-request-target.yml vendored
View File

@@ -46,7 +46,7 @@ jobs:
# It's fine to reuse this app in the 'eval / compare' job,
# because this job has to run before that one.
- uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
if: vars.NIXPKGS_BRANCH_CHECK_CLIENT_ID
if: vars.NIXPKGS_BRANCH_CHECK_CLIENT_ID && github.actor != 'dependabot[bot]'
id: app-token
with:
client-id: ${{ vars.NIXPKGS_BRANCH_CHECK_CLIENT_ID }}