I've seen other SO answers but none of them seem to work. I guess I'm just trying to do something pretty simple with Github Actions. Just make a access_key available to my github action, without putting it in my github repo. So I see we can create action secrets
that should be passed to the github action. I also understand we cant just log secret keys for security, so I would expect ***
instead when trying to log. For the life of me I can't figure out why the secrets are not ***
but they are empty. And even when Im using them in my scripts, they don't appear to have any value to them. Here is my workflow thats relevant
name: CI
on:
push:
branches:
- master
env:
AWS_S3_BUCKET: ${{ secrets.AWS_PRODUCTION_BUCKET_NAME }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ${{ secrets.AWS_REGION }}
jobs:
deploy:
runs-on: ubuntu-latest
env:
CI: true
strategy:
matrix:
node-version: [14.x]
steps:
- uses: actions/checkout@v1
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node-version }}
publish_dir: ./build
- name: Test Env
run: |
echo 'The GitHub Action Secret will be masked: '
echo ${{ secrets.GITHUB_TOKEN }}
echo 'Testing secret if its masked: '
printenv
When I run this, I see that GITHUB_TOKEN
is indeed ***
, which makes sense. But all the secrets that I've added to my repository settings > secrets > action secrets, they are just blank, not ***
and if i try to use them via ${{ secrets.AWS_ACCESS_KEY }}
its also blank.
My repo is public, I am pushing to master as well. I have admin rights to my repo.
In my case I hadn't referenced the environment containing the secrets from my script. Eventually found this in the documentation but it's incredibly frustrating that it just returns blank secrets instead of raising some kind of error message.
jobs:
myjobname:
runs-on: ubuntu-latest
environment: myenvironment # THIS WAS MISSING
steps:
# The steps in the action
Documentation link: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idenvironment
Ok looks like theres different kinds of secrets. I was adding Action Secrets
which makes sense to me. I want secrets for Actions. Theres another section called Environment Secrets
which when I put it in that, it worked. Kinda confusing.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With