Post

Using variables and secrets in GitHub Actions

Posted
By Philip Nye
1 min read

Things held as configuration variables and secrets in GitHub must be defined as environment variables in the GitHub Actions workflow in order to be able to use them in a script.

Configuration variable are accessed using the vars context. Secrets are accessed using the secrets context. Both can be set at the level of the workflow, the job or the step.

E.g.:

Workflow

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

...
on:
  schedule:
    - cron:  '0 6 * * *'
  workflow_dispatch:

env:
  BLUESKY_USERNAME: $
  ODBC_DRIVER: $
  ODBC_SERVER: $
  ODBC_DATABASE: $
  ODBC_AUTHENTICATION: $

jobs:
...

Job

1
2
3
4
5
6
7
8
9
10
11
12

...
jobs:
  build:
    runs-on: ubuntu-latest
    env:
      BLUESKY_USERNAME: $
      ODBC_DRIVER: $
      ODBC_SERVER: $
      ODBC_DATABASE: $
      ODBC_AUTHENTICATION: $
    steps:
...

Step

1
2
3
4
5
6
7
8
9
10

...
  - name: Run script
    env:
      BLUESKY_USERNAME: $
      ODBC_DRIVER: $
      ODBC_SERVER: $
      ODBC_DATABASE: $
      ODBC_AUTHENTICATION: $
    run: python scraper.py
...

Environment variables can also be set directly in the workflow, for anything non-sensitive.

TIL
github github-actions environment-variables variables secrets
This post is licensed under CC BY 4.0 by the author.