From 0068ed5ab124fa08937d625b004aa0cc3ab667c4 Mon Sep 17 00:00:00 2001
From: Mark Duckworth <1124037+MarkDuckworth@users.noreply.github.com>
Date: Tue, 9 Apr 2024 15:40:49 -0600
Subject: [PATCH] Conditionally run terraform CI steps only if secrets are
 available. (#8144)

---
 .../workflows/test-changed-firestore-integration.yml  | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/test-changed-firestore-integration.yml b/.github/workflows/test-changed-firestore-integration.yml
index 3cc14c99c55..050ea7a43f5 100644
--- a/.github/workflows/test-changed-firestore-integration.yml
+++ b/.github/workflows/test-changed-firestore-integration.yml
@@ -24,6 +24,8 @@ jobs:
   test:
     name: Test Firestore Integration If Changed
     runs-on: ubuntu-latest
+    env:
+        run_terraform_steps: ${{ secrets.JSSDK_ACTIONS_SA_KEY != '' }}
 
     steps:
     - name: Checkout Repo
@@ -32,20 +34,23 @@ jobs:
         # This makes Actions fetch all Git history so run-changed script can diff properly.
         fetch-depth: 0
     - uses: 'google-github-actions/auth@v0'
+      if: ${{ env.run_terraform_steps }}
       with:
         credentials_json: '${{ secrets.JSSDK_ACTIONS_SA_KEY }}'
-    
+
     # create composite indexes with Terraform
-    - name: Setup Terraform 
+    - name: Setup Terraform
+      if: ${{ env.run_terraform_steps }}
       uses: hashicorp/setup-terraform@v2
     - name: Terraform Init
+      if: ${{ env.run_terraform_steps }}
       run: |
         cp config/ci.config.json config/project.json
         cd packages/firestore
         terraform init
       continue-on-error: true
     - name: Terraform Apply
-      if: github.event_name == 'pull_request'
+      if: github.event_name == 'pull_request' && env.run_terraform_steps
       run: |
         cd packages/firestore