From ba04ca52cd3629247223f8ff4fff4bd45051e5b0 Mon Sep 17 00:00:00 2001
From: Laurent Senta <laurent@singulargarden.com>
Date: Tue, 19 Sep 2023 12:57:53 +0200
Subject: [PATCH] fix: prevent forks

---
 .github/workflows/deploy-pages.yml | 47 ++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)

diff --git a/.github/workflows/deploy-pages.yml b/.github/workflows/deploy-pages.yml
index 528b359c8..88d4fb614 100644
--- a/.github/workflows/deploy-pages.yml
+++ b/.github/workflows/deploy-pages.yml
@@ -22,6 +22,53 @@ defaults:
     shell: bash
 
 jobs:
+<<<<<<< HEAD
+=======
+  # Pulls the output.json from the latest successful run of the gateway-conformance.yml workflow
+  # and stores these as an artifacts for the build job.
+  pull-outputs:
+    runs-on: "ubuntu-latest"
+    strategy:
+      matrix:
+        target: ["ipfs/kubo", "ipfs/boxo", "ipfs/bifrost-gateway"]
+      fail-fast: false
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - name: get repo details
+        id: get-details
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          OWNER_AND_REPO: ${{ matrix.target }}
+        run: |
+          DETAILS=$(gh api repos/${OWNER_AND_REPO})
+
+          DEFAULT_BRANCH=$(echo $DETAILS | jq -r '.default_branch')
+          echo "default-branch=${DEFAULT_BRANCH}" >> $GITHUB_OUTPUT
+
+          NAME=$(echo $DETAILS | jq -r '.name')
+          echo "name=${NAME}" >> $GITHUB_OUTPUT
+      - name: Download json output
+        id: download-artifact
+        uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e # v2.28.0
+        with:
+          workflow: gateway-conformance.yml
+          workflow_conclusion: "completed" # TODO: ideally we could request success|failure (https://github.com/dawidd6/action-download-artifact#usage)
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          branch: ${{ steps.get-details.outputs.default-branch }}
+          name: gateway-conformance.json
+          repo: ${{ matrix.target }}
+          if_no_artifact_found: fail
+          allow-forks: false
+      - name: Upload JSON output
+        if: (failure() || success())
+        uses: actions/upload-artifact@v3
+        with:
+          name: conformance-${{ steps.get-details.outputs.name }}.json
+          path: ./output.json
+  # https://github.com/actions/starter-workflows/blob/4a8f18e34dd13d2b6ee4d8da2ba72629eafe1609/pages/hugo.yml#L1
+>>>>>>> b7deea7b (fix: prevent forks)
   build:
     runs-on: ubuntu-latest
     env: