Skip to content

chore: guard upstream automation workflows from forks#28464

Open
StevenTCramer wants to merge 1 commit into
anomalyco:devfrom
TimeWarpEngineering:Cramer/2026-05-20/workflow-guards
Open

chore: guard upstream automation workflows from forks#28464
StevenTCramer wants to merge 1 commit into
anomalyco:devfrom
TimeWarpEngineering:Cramer/2026-05-20/workflow-guards

Conversation

@StevenTCramer
Copy link
Copy Markdown
Contributor

@StevenTCramer StevenTCramer commented May 20, 2026

Issue for this PR

Closes #28463

Type of change

  • Bug fix
  • New feature
  • Refactor / code improvement
  • Documentation

What does this PR do?

Prevents upstream-specific GitHub Actions automation from running in forks.

This adds github.repository == 'anomalyco/opencode' guards to scheduled workflows and automation workflows that publish artifacts, deploy infrastructure, update repository state, or respond to repository events.

Fork-local CI workflows such as tests, typecheck, storybook, and nix evaluation remain unguarded so contributors can still run normal validation in forks.

This also updates a stale docs-update.yml action reference from sst/opencode to anomalyco/opencode.

How did you verify your code works?

  • Parsed all workflow YAML files successfully.
  • Confirmed no sst/opencode references remain in .github/workflows.
  • Confirmed test/typecheck/storybook/nix-eval workflows remain unguarded.
  • Confirmed scheduled and upstream automation workflows retain repository guards.

Screenshots / recordings

N/A. This is a CI workflow configuration change.

Checklist

  • I have tested my changes locally
  • I have not included unrelated changes in this PR

@StevenTCramer
ci: guard scheduled and automation workflows from forks
5606a44 
Add repository guards to workflows that are scheduled, publish artifacts,
deploy infrastructure, update repository state, or respond to repository events.
This prevents forked repositories from running upstream-specific automation and
wasting GitHub Actions minutes.

Keep fork-local CI workflows unguarded so tests, typecheck, storybook, and
nix evaluation can still run in forks.

Also update stale docs-update references from sst/opencode to anomalyco/opencode.
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 20, 2026

Hey! Your PR title ci: guard upstream automation workflows from forks doesn't follow conventional commit format.

Please update it to start with one of:

  • feat: or feat(scope): new feature
  • fix: or fix(scope): bug fix
  • docs: or docs(scope): documentation changes
  • chore: or chore(scope): maintenance tasks
  • refactor: or refactor(scope): code refactoring
  • test: or test(scope): adding or updating tests

Where scope is the package name (e.g., app, desktop, opencode).

See CONTRIBUTING.md for details.

@StevenTCramer StevenTCramer changed the title ci: guard upstream automation workflows from forks chore: guard upstream automation workflows from forks May 20, 2026
@ariane-emory
Copy link
Copy Markdown
Contributor

ariane-emory commented May 20, 2026
edited
Loading

Have not personally tested, but seems like a good idea in principle and LGTM on its face.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

contributor

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[FEATURE]: Guard upstream automation workflows from forks

2 participants

@StevenTCramer @ariane-emory