mirror of
https://github.com/google-gemini/gemini-cli.git
synced 2026-03-10 14:10:37 -07:00
fork regulation testing (#11304)
This commit is contained in:
matt korwel
50
.github/workflows/abc.yml
vendored
Normal file
50
.github/workflows/abc.yml
vendored
Normal file
@@ -0,0 +1,50 @@
|
|||||||
|
name: 'Approved Fork Execution'
|
||||||
|
|
||||||
|
on:
|
||||||
|
pull_request:
|
||||||
|
pull_request_target:
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
run-tests:
|
||||||
|
name: 'Run Tests'
|
||||||
|
# This condition prevents duplicate runs for forks.
|
||||||
|
# It runs for all pull_request_target events (forks)
|
||||||
|
# and for pull_request events that are NOT from a fork.
|
||||||
|
if: "github.event_name == 'pull_request_target' || github.event.pull_request.head.repo.full_name == github.repository"
|
||||||
|
runs-on: 'ubuntu-latest'
|
||||||
|
|
||||||
|
# For PRs from forks (pull_request_target), require approval via an environment.
|
||||||
|
# For internal PRs (pull_request), run without approval.
|
||||||
|
environment: "${{ github.event_name == 'pull_request_target' && 'e2e-on-fork' || null }}"
|
||||||
|
|
||||||
|
steps:
|
||||||
|
# For PRs from forks, we need to checkout the head of the PR from the fork's repo.
|
||||||
|
- name: 'Checkout (fork)'
|
||||||
|
if: "github.event_name == 'pull_request_target'"
|
||||||
|
uses: 'actions/checkout@v4'
|
||||||
|
with:
|
||||||
|
ref: '${{ github.event.pull_request.head.sha }}'
|
||||||
|
repository: '${{ github.event.pull_request.head.repo.full_name }}'
|
||||||
|
|
||||||
|
# For internal PRs, the default checkout is sufficient.
|
||||||
|
- name: 'Checkout (internal)'
|
||||||
|
if: "github.event_name == 'pull_request'"
|
||||||
|
uses: 'actions/checkout@v4'
|
||||||
|
|
||||||
|
- name: 'Run test with secret'
|
||||||
|
env:
|
||||||
|
GEMINI_API_KEY: '${{ secrets.GEMINI_API_KEY }}'
|
||||||
|
run: |
|
||||||
|
echo "This step demonstrates using a secret."
|
||||||
|
if [ -n "$GEMINI_API_KEY" ]; then
|
||||||
|
echo "GEMINI_API_KEY is available."
|
||||||
|
else
|
||||||
|
echo "GEMINI_API_KEY is not available."
|
||||||
|
# On pull_request from a fork, this would fail without pull_request_target
|
||||||
|
if [[ "${{ github.event_name }}" == "pull_request" && "${{ github.event.pull_request.head.repo.full_name }}" != "${{ github.repository }}" ]]; then
|
||||||
|
echo "This is a fork PR on a pull_request trigger, secrets are not available."
|
||||||
|
else
|
||||||
|
# This should not happen for internal PRs or approved fork PRs
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
Reference in New Issue
Block a user