Skip NuGet publish steps for fork PRs in CI by meziantou · Pull Request #1063 · meziantou/Meziantou.Analyzer

meziantou · 2026-03-28T01:34:58Z

The deploy job in CI requires OIDC authentication (NuGet/login) and secrets (FEEDZ_APIKEY) to publish NuGet packages. Fork PRs don't have access to either, causing the job to fail. Since deploy is a required check, this blocks merging any fork contribution.

This adds a condition to the NuGet login and publish steps so they are skipped when the PR comes from a fork, while the deploy job itself still runs and succeeds. The condition used is:

github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository

This ensures publishing runs for pushes to main, workflow dispatches, and same-repo PRs — but is safely skipped for fork PRs.

Fork PRs don't have access to secrets or OIDC authentication, causing the deploy job to fail. Add conditions to skip the NuGet login and publish steps when the PR comes from a fork, while keeping the deploy job itself green. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

meziantou merged commit 42b20f2 into main Mar 28, 2026
13 checks passed

meziantou deleted the fix-ci-fork-deploy branch March 28, 2026 01:43

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Skip NuGet publish steps for fork PRs in CI#1063

Skip NuGet publish steps for fork PRs in CI#1063
meziantou merged 1 commit intomainfrom
fix-ci-fork-deploy

meziantou commented Mar 28, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

meziantou commented Mar 28, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant