From aa323a1841e33387143d995e3fa32d3f37c4bd61 Mon Sep 17 00:00:00 2001
From: Tim Wojtulewicz <tim@corelight.com>
Date: Fri, 19 Jun 2020 15:17:33 -0700
Subject: [PATCH] Convert to using permissions to check for access to cirrus
 variables in benchmark script

---
 ci/benchmark.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ci/benchmark.sh b/ci/benchmark.sh
index 2719d45b76..5440e9717a 100755
--- a/ci/benchmark.sh
+++ b/ci/benchmark.sh
@@ -5,9 +5,9 @@ ZEEK_BENCHMARK_ENDPOINT="/zeek"
 # Setting this causes any command failures to immediately cause the script to fail.
 set -e
 
-# Don't do this for any branch that isn't from the main zeek repo.
-# TODO: is it possible to do this from cirrus.yml instead of here?
-if [ "${CIRRUS_REPO_OWNER}" != "zeek" ]; then
+# Don't do this unless the user has access to the encrypted variables. This will
+# basically exclude any PR that doesn't come from the main zeek repo.
+if [ "${CIRRUS_USER_PERMISSION}" != "admin" -a "${CIRRUS_USER_PERMISSION}" != "write" ]; then
     echo "Benchmarks are skipped for repositories outside of the main Zeek project"
     exit 0
 fi