GitHub Actions-空的环境秘密 [英] GitHub Actions - empty env secrets
问题描述
我已经开始使用GitHub动作了,但是我正在努力访问作为环境传递的存储库秘密.
I've started playing with GitHub actions, but I'm struggling with accessing repository secrets which I pass as env's.
我的工作流程文件:
name: Invite
on:
pull_request:
branches: [master]
types: [closed]
jobs:
invite:
runs-on: ubuntu-latest
steps:
- name: Hello world action
uses: lekterable/inclusive-organization-action@master
env:
SECRET_TOKEN: ${{ secrets.SECRET_TOKEN }}
organization: string
SUPER_SECRET: ${{ secrets.SUPER_SECRET }}
动作索引文件
const core = require('@actions/core')
const github = require('@actions/github')
const run = async () => {
try {
...
console.log('env', process.env)
const token = process.env.SECRET_TOKEN
const secret = process.env.SUPER_SECRET
const organization = process.env.organization
console.log('organization', organization)
console.log('token?', !!token)
console.log('secret?', !!secret)
console.log('token length', token.length)
...
} catch (error) {
core.setFailed(error.message)
}
}
run()
如您所见,我正在传递3个env,则按预期方式存在一个值为'string'的组织,但SECRET_TOKEN和SUPER_SECRET为空.
as you can see I'm passing 3 env's, the organization which has a value of 'string' exists as expected, but SECRET_TOKEN and SUPER_SECRET are empty.
是的,我确实在运行该操作的回购中设置了机密:
And yes, I do have the secrets set in the repo which runs the action:
我在做错什么吗?
推荐答案
我找到了一个解决方案,我要做的是代替执行关闭PR的操作,而是在新提交时运行它在主服务器上,这必须由对存储库具有写权限"的人来触发,因此,它可以访问存储库秘密.
I've found a solution, what I did to work around it is instead of running the action on closing the PR I'm running it on a new commit on master, this has to be triggered by someone with 'write rights' to the repo, therefore, it has access to the repo secrets.
要检查该提交是否为合并提交要困难一些,我们必须显式获取有关PR的更多信息,但是它可以工作.如果有人感兴趣的话,我要尝试执行的操作的源代码: https://github.com /lekterable/inclusive-organization-action
It's a bit harder to check if the commit is a merge commit and we have to explicitly fetch more info about the PR, but it works. Source code of an action I was trying to build if someone is interested: https://github.com/lekterable/inclusive-organization-action
这篇关于GitHub Actions-空的环境秘密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!