Can an action detect that it is running against a private repository?

I have an action I’m working on that can be used to build a package.  One of the options for the package build process is to include some build metadata in the resulting binary package that can be useful for debugging and to detect if any of the sources have known security vulnerabilities.

For Open Source projects, there is pretty much no downside to turning this on.  For proprietary projects, it could leak information about the source that the developer might prefer to keep secret.

My action has an input that controls this option, and I’d like the default be an “automatic” heuristic: turn on the metadata for public repositories and turn it off for private repositories.  My only problem is that I’m not sure how to determine this from the information provided by the Github Actions runner.  Would anyone be able to point me in the right direction?

@jhenstridge ,

Generally, you can find most information about the workflow run from the github context, include the detailed information about the repository where the workflow is running currently.

You can easily use the property " github.event.repository.private" to check if the repository is private, it will return a boolean ( true or false ).

There is an exception, if the workflow run is triggered by the Scheduled events, there will not be more information about the repository in the github context, you can only get the repository name ( github.repository ) from the context.

For other events, it is OK to get more detailed information about the repository.

@jhenstridge ,

How are things going? Have you tried my above suggestion using the property “github.event.repository.private” to check if the repository is private? Is it helpful to you?
Any progress, feel free to contact me. Thanks.