feat: allow recording in fork with secrets

[MikeMcC399]

This PR resolves the issue #693 "Workflows using Cypress Cloud fail in fork". It builds on the draft PR "Record to Cypress Cloud in fork" #694 implementing suggestions from that PR to cover additionally the default case where a fork user has no Cypress Cloud project defined.

Scenario	Project ID	Record Key	Result
main repo	from config file	from GH secret	recording runs
fork, no Cloud project	from config file	no GH secret	recording skipped
fork, with Cloud project	from GH secret	from GH secret	recording runs

By default, when a user creates a fork, actions are disabled. If the user enables actions and makes no other changes then previously the two recording workflows would fail:

• .github/workflows/example-custom-ci-build-id.yml
• .github/workflows/example-recording.yml

This PR adds an extra job check-record-key to check for the existence of secrets.EXAMPLE_RECORDING_KEY. This allows recording jobs in the workflows to be skipped if the prerequisite Cypress Cloud recording key is not present. This logic is necessary because jobs.<job_id>.if does not recognise the secrets context (see GH Actions: Context).

A regular user has only read access to the Cypress.io organization's Cypress Cloud public project https://cloud.cypress.io/projects/3tb7jn/, so the workflows need a convenient way to provide an alternative project ID for recording in a fork.

This is achieved by allowing a user's individual Cypress Cloud project ID to be defined as a GH secret. In this way a user can override the main repo's Cloud project ID without requiring any modifications to files in the fork

[MikeMcC399]

Recording jobs are correctly skipped because a PR from a fork has no access to secrets, neither to its own, nor to the secrets of the parent repository. It's in "no-mans land"!

The logs show
Secret source: None

[MikeMcC399]

@jennifer-shehane

I took your comments from #694 (review) on board and reworked the PR. You are welcome to review it.

It is backwards compatible, prevents unwanted fork failures and allows users to incorporate their own Cypress Cloud project more easily into the examples without forcing anyone, such as a fix submitter, to do so.

[MikeMcC399]

@jaffrepaul / @jennifer-shehane

• Issue Not possible to run Cypress tests without exposing record key #796 shows that there is a need to demonstrate the functionality of recording in a fork. Hopefully you will be able to review and merge this PR soon.

[MikeMcC399]

@nagash77
Will you also add this PR to your process? I'm unsure if @jaffrepaul or @jennifer-shehane are still actively involved.

[MikeMcC399]

squashed and rebased for clarity of commit history

[github-actions]

🎉 This PR is included in version 5.2.0 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀

[MikeMcC399]

@mjhenkes / @jaffrepaul

Thanks for merging this PR!

Version 5.2.0 has been correctly published to https://www.npmjs.com/package/@cypress/github-action/v/5.2.0

The GitHub Marketplace https://github.com/marketplace/actions/cypress-io however still shows the previous version, 5.1.0. Publishing to the GitHub Marketplace is a manual process (see https://github.com/cypress-io/github-action/blob/master/DEVELOPMENT.md#updating-the-latest-version-in-github-marketplace). Will you follow up?

[mjhenkes]

@MikeMcC399, updated, thanks for pointing this out!