diff --git a/.github/workflows/abc.yml b/.github/workflows/abc.yml deleted file mode 100644 index 2508922324..0000000000 --- a/.github/workflows/abc.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: 'Approved Fork Execution' - -on: - pull_request: - pull_request_target: - -jobs: - run-tests: - name: 'Run Tests' - # This condition prevents duplicate runs for forks. - # It runs for all pull_request_target events (forks) - # and for pull_request events that are NOT from a fork. - if: "github.event_name == 'pull_request_target' || github.event.pull_request.head.repo.full_name == github.repository" - runs-on: 'ubuntu-latest' - - # For PRs from forks (pull_request_target), require approval via an environment. - # For internal PRs (pull_request), run without approval. - environment: "${{ github.event_name == 'pull_request_target' && 'e2e-on-fork' || null }}" - - steps: - # For PRs from forks, we need to checkout the head of the PR from the fork's repo. - - name: 'Checkout (fork)' - if: "github.event_name == 'pull_request_target'" - uses: 'actions/checkout@v4' - with: - ref: '${{ github.event.pull_request.head.sha }}' - repository: '${{ github.event.pull_request.head.repo.full_name }}' - - # For internal PRs, the default checkout is sufficient. - - name: 'Checkout (internal)' - if: "github.event_name == 'pull_request'" - uses: 'actions/checkout@v4' - - - name: 'Run test with secret' - env: - GEMINI_API_KEY: '${{ secrets.GEMINI_API_KEY }}' - run: | - echo "This step demonstrates using a secret." - if [ -n "$GEMINI_API_KEY" ]; then - echo "GEMINI_API_KEY is available." - else - echo "GEMINI_API_KEY is not available." - # On pull_request from a fork, this would fail without pull_request_target - if [[ "${{ github.event_name }}" == "pull_request" && "${{ github.event.pull_request.head.repo.full_name }}" != "${{ github.repository }}" ]]; then - echo "This is a fork PR on a pull_request trigger, secrets are not available." - else - # This should not happen for internal PRs or approved fork PRs - exit 1 - fi - fi