Limit workflows based on secrets

.github/workflows/auto-merge.yml

@@ -14,8 +14,23 @@ on:
       - completed
   status: {}
 jobs:
+  secrets:
+    runs-on: ubuntu-latest
+    outputs:
+      actions: ${{ steps.secrets.outputs.secrets }}
+    steps:
+      - name: secrets
+        id: secrets
+        shell: bash
+        env:
+          ACTIONS_PAT: ${{ secrets.ACTIONS_PAT != '' }}
+        if: env.ACTIONS_PATH == 'true'
+        run: echo ::set-output name=secrets::true
+
   automerge:
     runs-on: ubuntu-latest
+    needs: secrets
+    if: needs.secrets.outputs.secrets
     steps:
       - name: automerge
         uses: "pascalgn/automerge-action@v0.15.3"

.github/workflows/ci.yml

@@ -160,6 +160,7 @@ jobs:
           CI_SONATYPE_RELEASE: ${{ secrets.CI_SONATYPE_RELEASE }}
           SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
           PGP_SECRET: ${{ secrets.PGP_SECRET }}
+        if: env.PGP_PASSPHRASE && env.SONATYPE_PASSWORD && env.CI_SONATYPE_RELEASE && env.PGP_SECRET
         run: sbt ++${{ matrix.scala }} ci-release
 
   update_release_draft:
@@ -174,9 +175,23 @@ jobs:
     steps:
       - uses: release-drafter/release-drafter@v5
 
+  secrets:
+    runs-on: ubuntu-latest
+    outputs:
+      actions: ${{ steps.secrets.outputs.secrets }}
+    steps:
+      - name: secrets
+        id: secrets
+        shell: bash
+        env:
+          ACTIONS_PAT: ${{ secrets.ACTIONS_PAT != '' }}
+        if: env.ACTIONS_PATH == 'true'
+        run: echo ::set-output name=secrets::true
+
   update_docs:
     name: Publish Documentation
-    if: ${{ github.ref == 'refs/heads/main' }}
+    needs: secrets
+    if: ${{ github.ref == 'refs/heads/main' && needs.secrets.outputs.secrets }}
     strategy:
       matrix:
         os: [ubuntu-latest]
@@ -233,7 +248,8 @@ jobs:
 
   runBenchMarks:
     name: Benchmarks
-    if: ${{ github.event_name == 'pull_request'}}
+    needs: secrets
+    if: ${{ github.event_name == 'pull_request' && needs.secrets.outputs.secrets }}
     strategy:
       matrix:
         os: [centos]
@@ -243,8 +259,6 @@ jobs:
     steps:
       - name: Clean up
         id: clean_up
-        env:
-          GITHUB_TOKEN: ${{secrets.ACTIONS_PAT}}
         run: sudo rm -rf *
 
       - uses: actions/checkout@v2

.github/workflows/scala-steward.yml

@@ -11,5 +11,8 @@ jobs:
     steps:
       - name: Launch Scala Steward
         uses: scala-steward-org/scala-steward-action@v2
+        env:
+          HAS_SCALA_STEWARD_PAT: ${{ secrets.SCALA_STEWARD_PAT != '' }}
+        if: env.HAS_SCALA_STEWARD_PAT == 'true'
         with:
           github-token: ${{ secrets.SCALA_STEWARD_PAT }}