Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
GitHub Actions Cookbook

You're reading from   GitHub Actions Cookbook A practical guide to automating repetitive tasks and streamlining your development process

Arrow left icon
Product type Paperback
Published in Apr 2024
Publisher Packt
ISBN-13 9781835468944
Length 250 pages
Edition 1st Edition
Languages
Tools
Concepts
Arrow right icon
Author (1):
Arrow left icon
Michael Kaufmann Michael Kaufmann
Author Profile Icon Michael Kaufmann
Michael Kaufmann
Arrow right icon
View More author details
Toc

Table of Contents (10) Chapters Close

Preface 1. Chapter 1: GitHub Actions Workflows 2. Chapter 2: Authoring and Debugging Workflows FREE CHAPTER 3. Chapter 3: Building GitHub Actions 4. Chapter 4: The Workflow Runtime 5. Chapter 5: Automate Tasks in GitHub with GitHub Actions 6. Chapter 6: Build and Validate Your Code 7. Chapter 7: Release Your Software with GitHub Actions 8. Index 9. Other Books You May Enjoy

Using secrets and variables

You can set variables and secrets in a repository that you can access in workflows. In this recipe, we’ll add both and access them in the workflow.

Getting ready

In this recipe, we will use the web UI to set variables and secrets. You can also use the GitHub CLI (https://cli.github.com/) for that. If you want to try that, then you have to install it. But it is not necessary for following the recipe.

How to do it…

  1. In your repository, navigate to Settings | Secrets and Variables | Actions. You can see all existing secrets in the repository, and you can toggle the tabs between Secrets (settings/secrets/actions) and Variables (settings/variables/actions; see Figure 1.20):
Figure 1.20 – Configuring secrets and variables for a repository

Figure 1.20 – Configuring secrets and variables for a repository

  1. Clicking New repository secret will open the New secret dialog (settings/secrets/actions/new; see Figure 1.21):
Figure 1.21 – Adding a new secret

Figure 1.21 – Adding a new secret

Add MY_SECRET as the secret name and a random word such as Abracadabra as the secret, and click Add secret. The secret will be masked in the logs! So, don’t use a common word that could occur in other outputs of random jobs or steps.

Naming conventions for secrets and variables

Secret names are not case-sensitive, and they can only contain normal characters ([a-z] and [A-Z]), numbers ([0-9]), and an underscore (_). They must not start with GITHUB_ or a number.

The best practice is to name secrets with uppercase words separated by the underscore character.

  1. Repeat the process for New repository variable (settings/variables/actions/new) and create a WHO_TO_GREET variable with the value World.
  2. Open the .github/workflows/MyFirstWorkflow.yml file from the previous recipe and click the edit icon (see Figure 1.22):
Figure 1.22 – Editing MyFirstWorkflow.yml

Figure 1.22 – Editing MyFirstWorkflow.yml

Change the word World to the ${{ vars.WHO_TO_GREET }} expression and add a new line using the ${{ secrets.MY_SECRET }} secret:

- run: |
    echo "Hello ${{ vars.WHO_TO_GREET }}  from ${{ github.actor }}."
    echo "My secret is  ${{ secrets.MY_SECRET }}."
  1. Commit the changes. The workflow will run automatically. Inspect the output in the workflow log. It should look like Figure 1.23:
Figure 1.23 – Output of a secret and variable in the log

Figure 1.23 – Output of a secret and variable in the log

There’s more…

You can create configuration variables for use across multiple workflows by defining them on one of the following levels:

  • Organization level
  • Repository level
  • Environment level

The three levels work like a hierarchy: you can override a variable or secret on a lower level by providing a new value to the same key. Figure 1.24 illustrates the hierarchy:

Figure 1.24 – The hierarchy for configuration variables and secrets

Figure 1.24 – The hierarchy for configuration variables and secrets

Secrets and variables for organizations work the same way as for repositories. You can create a secret or variable under Settings | Secrets and variables | Actions. New organization secrets or variables can have an access policy for the following:

  • All repositories
  • Private repositories
  • Selected repositories

When choosing Selected repositories, you can grant access to individual repositories.

In addition to setting these values through the UI, it is also possible to use the GitHub CLI.

You can use gh secret or gh variable to create new entries:

$ gh secret set secret-name
$ gh variable set var-name

You will be prompted for the secret or variable values, or you can read the value from a file, pipe it to the command, or specify it as the body (-b or --body):

$ gh secret set secret-name < secret.txt
$ gh variable set var-name --body config-value
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime