I have a simple workflow:
name: Test CI
env:
path_to_watch_for_commits: 'testdir/testfile'
on:
push:
branches:
- master
paths:
- ${{ env.path_to_watch_for_commits }}
workflow_dispatch:
jobs:
build:
runs-on: ubuntu
steps:
- uses: actions/checkout#v2
I want to use variable path_to_watch_for_commits in paths. But this syntax is wrong. Also i try ${{ path_to_watch_for_commits }} and $path_to_watch_for_commits with no results. What am i doing wrong?
There is a Naming conventions for environment variables explaining that:
Any new environment variables you set that point to a location on the filesystem should have a _PATH suffix. The HOME and GITHUB_WORKSPACE default variables are exceptions to this convention because the words "home" and "workspace" already imply a location.
Regarding the use of environment variables at different levels inside the workflow, here is an example with WORKFLOW, JOB and STEP variables:
name: Example
on: [push, workflow_dispatch]
env:
WORKFLOW_VARIABLE: WORKFLOW
jobs:
test:
runs-on: ubuntu-latest
env:
JOB_VARIABLE: JOB
steps:
- name: Run Commands with various variables
if: ${{ env.WORKFLOW_VARIABLE == 'WORKFLOW' }}
env:
STEP_VARIABLE: STEP
run: |
echo "Hello World"
echo "This is the $WORKFLOW_VARIABLE environment variable"
echo "This is the $JOB_VARIABLE environment variable"
echo "This is the $STEP_VARIABLE environment variable"
Regarding the possibility of the behaviour you want to achieve in your workflow, you can't set variables at the workflow and use them as paths on the same level, because:
Variables are substituted in the runner operating system after the job
is sent to the runner.
Reference
A workaround could be to trigger the workflow every time on push event, using the paths-filter action with an if conditional to execute specific steps if it match your paths.
It's not the best solution regarding optimisation, but it will work.
Related
I'm using github environments in my github workflow. I want to read the environment name in a step of a job.
According to this documentation. It seems that the job context does not have that information. Is it any other way to achieve this?
Basically this is what i want to achieve:
jobs:
deployment:
name: Deploy to dev
environment: dev
runs-on: ubuntu-latest
steps:
- run: echo ${{ job.environment.name }}
# Expected to print 'dev'
you should use: jobs.<job_id>.environment.
See in docs: https://docs.github.com/en/actions/deployment/targeting-different-environments/using-environments-for-deployment
Github provides secrets, whose values can be used in workflows. Unfortunately, the values of secrets is protected and we can't easily see it in the repo or debug it in the workflow as it is scrubbed.
Is there a way to define an "environment variable" in the repository that can be easily seen and debugged? My use case is for configuration that can be easily modified if the repo is forked.
You can store environment variables in an .env file like this:
FOO=bar
Then you can write code to append data from that file to $GITHUB_ENV:
name: CI
on:
workflow_dispatch:
jobs:
foo:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v3
- run: cat .env >> $GITHUB_ENV
- name: Use the value
run: echo $FOO
You'll need to do cat .env >> $GITHUB_ENV (and use actions/checkout) for each job where you need to access env vars from that file.
DO NOT STORE SECRETS IN .env -- use it only for storing configurations, etc.
Complete code: https://github.com/brc-dd/env-from-file
You can also change .env to something like .env.github to keep things more organized.
FYI: you can pass secret as env variable inside job.
Sample job where I have added foo as a secret in actions workflow:
name: simple secret
id: secret_env
env:
foo: ${{ secrets.foo}}
run: echo $foo **
above is example but ignore code syntax issues because of comments format here..
I'm trying to organize my workflow artifacts (on a self-hosted runner) using a structure similar to this:
c:\github\artifacts\{org}\{repo}\{runid}
Different organizations in our enterprise COULD have a repository with the same name, so I wanted to be able to organize by organization name.
I have this so far:
c:\github\artifacts\{org}\{${{ github.event.repository.name }}\${{ github.run_id }}\
How can I determine the organization name?
You can get that from github context. Here are few that might be of use:
${{ github.repository }}
${{ github.repository_owner }}
If you don't know what are the values and which env variables are available to runner, you can just run env in a step to print it out, like so:
name: Print environment variables
on:
workflow_dispatch:
jobs:
debug:
runs-on: ubuntu-latest
steps:
- name: Print
run: env | sort
I'm looking for a way to check if the owner of the repository has set some variable.
Usecase:
I'm a contributor of diyhue, and I want to setup a generic github action to test the app, this should be done for every user, and publish it to docker hub if the owner of the fork has set the secret DOCKER_USERNAME.
That way the github action will only run the publish step if the user configured the required secrets. But the test will always run, resulting in a green checkmark telling changes from the user aren't breaking the code.
I could not find a way to stop the execution of the github actions if secrets where not set. So I build my own action to do just that.
https://github.com/marketplace/actions/secret-input-gate
This action allows the github actions to succeed (or fail) if secrets are not set. Use it to your liking and let me know what you think. Code is completely open-source, so you can make sure I’m not stealing any tokens.
I found an alternative following this issue discussion
As you can't manipulate secrets in an if (conditional) expression (they won't be recognised by the GHA interpreter), a workaround could be to create a job to check if the secret variable is present or not, set the result as an output, an then manipulate it on other jobs as you wish.
Example with DOCKER_USERNAME:
check-secret:
runs-on: ubuntu-latest
outputs:
my-key: ${{ steps.my-key.outputs.defined }}
steps:
- id: my-key
env:
MY_KEY: ${{ secrets.DOCKER_USERNAME }}
if: "${{ env.MY_KEY != '' }}"
run: echo "::set-output name=defined::true"
job1:
runs-on: ubuntu-latest
needs: [check-secret]
if: needs.check-secret.outputs.my-key == 'true'
steps:
- run: echo "This command is executed if DOCKER_USERNAME secret IS NOT empty"
job2:
runs-on: ubuntu-latest
needs: [check-secret]
if: needs.check-secret.outputs.my-key != 'true'
steps:
- run: echo "This command is executed if DOCKER_USERNAME secret IS empty"
As I have repetitve steps in my Github Actions, I would like to create a template. Let's make a example
name: ci
on: ["push"]
jobs:
build-and-test:
strategy:
matrix:
os: [ubuntu-latest]
runs-on: ${{ matrix.os }}
steps:
- name: checkout
uses: actions/checkout#v1
- name: do stuff
run: |
bash stuff
Is it possible to save only the steps in a separated file? And import afterwards?
Unfortunately it does not look like github-actions supports reusing workflows. Not even YAML anchors are supported.
It looks like the only way to share steps (not setup) is to create actions.
Update: A storm brewing
I have also caught wind of the possibility of reusing actions. Follow the issue to stay up-to-date.
I mentioned in "Reuse portion of GitHub action across jobs" that reusing GitHub Worfflow is now (Oct. 2021) available.
The documentation "Reusing workflows" includes a section "Reusable workflows and workflow templates", which leads to "Creating workflow templates"
If you need to refer to a repository's default branch, you can use the $default-branch placeholder.
When a workflow is created using your template, the placeholder will be automatically replaced with the name of the repository's default branch.
For example, this file named octo-organization-ci.yml demonstrates a basic workflow.
name: Octo Organization CI
on:
push:
branches: [ $default-branch ]
pull_request:
branches: [ $default-branch ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- name: Run a one-line script
run: echo Hello from Octo Organization