GHA: Attempt dockerhub upload only if secrets are accessible (#385)

e.g., they won't be accessible during builds for dependabot PRs.
ICB-DCM · Sep 16, 2024 · 1c9fd93 · 1c9fd93
1 parent d2c341f
commit 1c9fd93
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/.github/workflows/deploy_dockerhub.yml b/.github/workflows/deploy_dockerhub.yml
@@ -2,13 +2,29 @@
 name: Deploy to dockerhub
 on: [push, workflow_dispatch]
 jobs:
+  check-secret:
+    runs-on: ubuntu-latest
+    outputs:
+      secrets-defined: ${{ steps.secret-check.outputs.defined }}
+    steps:
+      - name: Check for Secret availability
+        id: secret-check
+        shell: bash
+        run: |
+          if [ "${{ secrets.DOCKER_USERNAME }}" != '' ]; then
+            echo "defined=true" >> $GITHUB_OUTPUT;
+          else
+            echo "defined=false" >> $GITHUB_OUTPUT;
+          fi
+
   build:
     name: Deploy to dockerhub
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@master
     - run: git archive -v -o container/charliecloud/parpe_base/parpe.tar.gz --format=tar.gz HEAD
     - name: Publish to Registry
+      if: needs.check-secret.outputs.secrets-defined == 'true'
       uses: elgohr/Publish-Docker-Github-Action@v5
       with:
         name: dweindl/parpe