The project's GitHub Actions CI build has a hard dependency on some secrets (e.g. GRADLE_ENTERPRISE_CACHE_USERNAME), which causes the build to fail on the forks, causing unnecessary noise.
I've been greeted by one such build failure after syncing my fork today: https://github.com/vpavic/spring-security/runs/2476329503?check_suite_focus=true
Comment From: jzheaux
I see that in pr-build-workflow there is the following declaration:
if: github.repository == 'spring-projects/spring-security'
I wonder if the same pattern can be applied to the jobs in continuous-integration-workflow.
Also, note that forks can disable actions via Settings > Actions.
Comment From: vpavic
IMO such condition should exist on the CI workflow as well.
I'm aware that one can disable Actions in their fork, but I don't find it a reasonable expectation from 4.5k forks out there. Until GitHub comes to their senses and stops enabling Actions by default on forks, maintainers should ensure that forking their repos doesn't generate unnecessary noise for the users.