diff options
| author | Aldo Cortesi <aldo@corte.si> | 2018-03-08 07:55:52 +1300 |
|---|---|---|
| committer | Aldo Cortesi <aldo@corte.si> | 2018-03-08 08:06:03 +1300 |
| commit | 380e4bc14d2d37df5af3be53abf2e9b8be79efcb (patch) | |
| tree | 7da28877e1ab97a85479d65dc3ce16238e1beb0f /release/ci.py | |
| parent | be089e53cfef04656807e8e1a95c5ae5cd9fd58c (diff) | |
| download | mitmproxy-380e4bc14d2d37df5af3be53abf2e9b8be79efcb.tar.gz mitmproxy-380e4bc14d2d37df5af3be53abf2e9b8be79efcb.tar.bz2 mitmproxy-380e4bc14d2d37df5af3be53abf2e9b8be79efcb.zip | |
release: don't upload assets for PRs from the main repo
Diffstat (limited to 'release/ci.py')
| -rwxr-xr-x | release/ci.py | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/release/ci.py b/release/ci.py index a7ecfae5..53a2632f 100755 --- a/release/ci.py +++ b/release/ci.py @@ -215,11 +215,26 @@ def build(): print("Packed {}.".format(archive_name(bdist))) +def is_pr(): + if os.environ.get("TRAVIS_PULL_REQUEST") != "false": + return True + elif os.environ.get("APPVEYOR_PULL_REQUEST_NUMBER"): + return True + return False + + @cli.command("upload") def upload(): """ Upload snapshot to snapshot server """ + # This requires some explanation. The AWS access keys are only exposed to + # privileged builds - that is, they are not available to PRs from forks. + # However, they ARE exposed to PRs from a branch within the main repo. This + # check catches that corner case, and prevents an inadvertent upload. + if is_pr(): + print("Refusing to upload a pull request") + return if "AWS_ACCESS_KEY_ID" in os.environ: subprocess.check_call( [ |