From 0eec1d5e57034683bda4acc8cab6e28137596961 Mon Sep 17 00:00:00 2001
From: Jason Rudolph <jason@jasonrudolph.com>
Date: Tue, 22 Jun 2021 10:31:25 -0400
Subject: [PATCH] Only send to BuildPulse when we have access to secrets

Co-authored-by: Mike McQuaid <mike@mikemcquaid.com>
---
 .github/workflows/tests.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 66fb11077f..49c38a8bda 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -322,7 +322,9 @@ jobs:
       - uses: codecov/codecov-action@29386c70ef20e286228c72b668a06fd0e8399192
 
       - name: Upload test results to BuildPulse for flaky test detection
-        if: '!cancelled()' # Run this step even when the tests fail. Skip if the workflow is cancelled.
+        # Only run this step for PRs where where we have access to secrets.
+        # Run this step even when the tests fail. Skip if the workflow is cancelled.
+        if: github.event.pull_request.head.repo.full_name == github.repository && !cancelled()
         env:
           BUILDPULSE_ACCESS_KEY_ID: ${{ secrets.BUILDPULSE_ACCESS_KEY_ID }}
           BUILDPULSE_SECRET_ACCESS_KEY: ${{ secrets.BUILDPULSE_SECRET_ACCESS_KEY }}