Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Passing All GitHub Environment Variables and Secrets in a GitHub Actions Workflow

Tags:

github

github-actions

For a repository on GitHub, I have configured an Environment with variables and secrets defined. I'd like to be able to use the entire collection in a GitHub Action without needing to individually map each variable from the github environment to the runner environment.

Given a dev environment defining TOKEN, FOO, BAR, and BAZ and the following workflow:

jobs:
  build:
    runs-on: ubuntu-latest
    environment: dev
    steps:
      - name: Build
        env:
          TOKEN: ${{ secrets.TOKEN }}
          FOO: ${{ vars.FOO }}
          BAR: ${{ vars.BAR }}
          BAZ: ${{ vars.BAZ }}

Is there a clever way to use the settings in the underlying sub-process environment without listing each variable (token, foo, bar, baz) explicitly?

like image 377
j12y Avatar asked Jan 30 '26 02:01

j12y

2 Answers

I have gotten this to work by first setting the vars context JSON to an environment variable, then using jq to process that JSON into KEY=VALUE format, and appending that to my $GITHUB_ENV file.

jobs:
  Deploy:
    runs-on: ubuntu-latest
    environment:
      name: My Environment
    env:
      # this will take the entire vars context configured in the repository > environments
      # setting and convert it to JSON so we can automatically assign all the values to the
      # runner's environment
      VARS_CONTEXT: ${{ toJson(vars) }}
    steps:
      - uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          node-version-file: .nvmrc
          cache: npm
      - name: Set env vars from vars context JSON
        run: |
          # Pipe the JSON string into jq
          echo "$VARS_CONTEXT" | 
          # Convert JSON object into an array of key-value pairs
          jq -r 'to_entries | 
          # Map over each key-value pair
          .[] | 
          # Format each pair as "KEY=VALUE" and append it all to the environment file
          "\(.key)=\(.value)"' >> $GITHUB_ENV
      - name: Check env
        run: printenv
like image 187
kdot Avatar answered Feb 01 '26 08:02

kdot

It seems that such a feature is too difficult for GitHub to implement. How do I get all GitHub secrets into env variables for Actions to access (powershell in my case)?

The answer is, you cannot. The best you can do is export every env variable as a JSON, and then read / parse the whole env variable yourself, which is still bad.

- name: view the secrets context
  shell: bash
  run: echo "$SECRETS_CONTEXT"
  env:
    SECRETS_CONTEXT: ${{ toJson(secrets) }}
like image 27
vladimirror Avatar answered Feb 01 '26 07:02

vladimirror
Sign in to Comment

Related questions

Circle CI: error cloning repository: repository not found
Git Staging Hook
Cannot clone GitHub SSH Repository: CreateProcessW failed error:193
disable SSL verify in GitHub CLI (gh)
`env.BRANCH_NAME` becomes `PR-1`

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!