From 268677152d06ba59fcec7a7f0b5d961b6ccd7e1e Mon Sep 17 00:00:00 2001
From: Laurent Senta <Laurent.Senta@gmail.com>
Date: Mon, 18 Sep 2023 15:27:04 +0200
Subject: [PATCH] fix: ignore forks (#250)

* fix: ignore forks

* fix: second pass, add parameters

* style: adapt to local

* fix: defaulting

* fix: naming

* Apply suggestions from code review

Co-authored-by: Dawid Dziurla <dawidd0811@gmail.com>

---------

Co-authored-by: Dawid Dziurla <dawidd0811@gmail.com>
---
 README.md  | 3 +++
 action.yml | 4 ++++
 main.js    | 7 +++++++
 3 files changed, 14 insertions(+)

diff --git a/README.md b/README.md
index 982e87f8..9dfe4978 100644
--- a/README.md
+++ b/README.md
@@ -72,4 +72,7 @@ Let's suppose you have a workflow with a job in it that at the end uploads an ar
     #  "fail", "warn", "ignore"
     # default fail
     if_no_artifact_found: fail
+    # Optional, ignore forks when searching for artifacts
+    # default true
+    allow_forks: false
 ```
diff --git a/action.yml b/action.yml
index 66e9d656..27dfcbf0 100644
--- a/action.yml
+++ b/action.yml
@@ -55,6 +55,10 @@ inputs:
     description: Where to unpack the artifact
     required: false
     default: "./"
+  allow_forks:
+    description: Allow forks
+    required: false
+    default: true
   check_artifacts:
     description: Check workflow run whether it has an artifact
     required: false
diff --git a/main.js b/main.js
index b79c6df6..a24fee48 100644
--- a/main.js
+++ b/main.js
@@ -38,6 +38,7 @@ async function main() {
         let runNumber = core.getInput("run_number")
         let checkArtifacts = core.getBooleanInput("check_artifacts")
         let searchArtifacts = core.getBooleanInput("search_artifacts")
+        const allowForks = core.getBooleanInput("allow_forks")
         let dryRun = core.getInput("dry_run")
 
         const client = github.getOctokit(token)
@@ -102,6 +103,8 @@ async function main() {
             core.info(`==> Run number: ${runNumber}`)
         }
 
+        core.info(`==> Allow forks: ${allowForks}`)
+
         if (!runID) {
             // Note that the runs are returned in most recent first order.
             for await (const runs of client.paginate.iterator(client.rest.actions.listWorkflowRuns, {
@@ -120,6 +123,10 @@ async function main() {
                     if (workflowConclusion && (workflowConclusion != run.conclusion && workflowConclusion != run.status)) {
                         continue
                     }
+                    if (!allowForks && run.head_repository.full_name !== `${owner}/${repo}`) {
+                        core.info(`==> Skipping run from fork: ${run.head_repository.full_name}`)
+                        continue
+                    }
                     if (checkArtifacts || searchArtifacts) {
                         let artifacts = await client.paginate(client.rest.actions.listWorkflowRunArtifacts, {
                             owner: owner,