Unable to use secrets in workflow

Time:09-28

We have a project from the previous agency that uses GitHub Actions. I have already made several attempts, but unfortunately I was not able to solve the problem.

I am stuck at Unrecognized named-value: 'secrets'. Located at position 1 within expression: error.

Here is the action.yml

name: Create envfile

on: [ push ]

jobs:

  create-envfile:
 
    runs-on: ubuntu-latest
 
    steps:
    - name: Make envfile
      with:
        envkey_DEBUG: false
        envkey_CLIENT_ID: ${{ secrets.CLIENT_ID }}
        envkey_CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
        directory: projectName/
        file_name: .env
        fail_on_empty: false

And the part of workflow.yml where the build process stops executing

on:
  push:
    branches:
      - main
  workflow_dispatch:

jobs:
  flake8-lint:
    runs-on: ubuntu-latest
    name: Lint
    steps:
      - name: Check out source repository
        uses: actions/checkout@v2
      - name: Set up Python environment
        uses: actions/setup-python@v2
        with:
          python-version: "3.10"
      - name: flake8 Lint
        uses: py-actions/flake8@v2
  build:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v2
      - uses: ./.github/actions/create_envfile # it stops here
      - name: Set up Python version
        uses: actions/setup-python@v1
        with:
          python-version: '3.8'

      - name: Create and start virtual environment
        run: |
          python -m venv venv
          source venv/bin/activate
      
      - name: Install dependencies
        run: pip install -r requirements.txt
     
  

It gets stuck at the - uses: ./.github/actions/create_envfile part of the workflow.

Here is the full error

      Error: 
      /home/runner/work/projectName/./.github/actions/create_envfile/action.yml (Line: 16, Col: 27):
       Error: /home/runner/work/projectName/./.github/actions/create_envfile/action.yml (Line: 17, Col: 31):
       Error: /home/runner/work/projectName/./.github/actions/create_envfile/action.yml (Line: 16, Col: 27): Unrecognized named-value: 'secrets'. Located at position 1 within expression: secrets.CLIENT_ID
       Error: /home/runner/work/projectName/./.github/actions/create_envfile/action.yml (Line: 17, Col: 31): Unrecognized named-value: 'secrets'. Located at position 1 within expression: secrets.CLIENT_SECRET
        Error: Fail to load /home/runner/work/projectName/./.github/actions/create_envfile/action.yml

Any ideas how to fix this?

CodePudding user response:

This is because composite actions do not have access to the "secrets" namespace for security reasons. They do have access to the environment variables set by the calling workflow or you can pass in secrets as inputs to the action.

From your comments, all you need to do is use the action from the marketplace and not store it as your own composite action, like so:

on:
  push:
    branches:
      - main
  workflow_dispatch:

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: SpicyPizza/[email protected]
        with:
          envkey_DEBUG: false
          envkey_CLIENT_ID: ${{ secrets.CLIENT_ID }}
          envkey_CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
          directory: projectName/
          file_name: .env
          fail_on_empty: false

      - name: Set up Python version
        uses: actions/setup-python@v1
        with:
          python-version: '3.8'

      - name: Create and start virtual environment
        run: |
          python -m venv venv
          source venv/bin/activate
      
      - name: Install dependencies
        run: pip install -r requirements.txt
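
The other option the answer mentions, passing the secrets in as inputs, shown as an added example (not code from the original thread or from the marketplace action). The input names client_id, client_secret and directory are assumptions; the composite action declares them, and the workflow, where the secrets context is available, supplies the values.

```yaml
# File: .github/actions/create_envfile/action.yml  (composite action)
# Input names below are illustrative assumptions, not from the original post.
name: Create envfile
description: Write a .env file from values passed in by the calling workflow
inputs:
  client_id:
    description: Value for CLIENT_ID
    required: true
  client_secret:
    description: Value for CLIENT_SECRET
    required: true
  directory:
    description: Directory to write the file into
    required: false
    default: projectName/
runs:
  using: composite
  steps:
    - name: Make envfile
      shell: bash
      # Map inputs to environment variables instead of expanding
      # ${{ inputs.* }} inside the script text, so the values are
      # never parsed as shell code.
      env:
        CLIENT_ID: ${{ inputs.client_id }}
        CLIENT_SECRET: ${{ inputs.client_secret }}
        ENV_DIR: ${{ inputs.directory }}
      run: |
        umask 077   # new files are readable by the runner user only
        mkdir -p "$ENV_DIR"
        {
          printf 'DEBUG=false\n'
          printf 'CLIENT_ID=%s\n' "$CLIENT_ID"
          printf 'CLIENT_SECRET=%s\n' "$CLIENT_SECRET"
        } > "$ENV_DIR/.env"
---
# File: .github/workflows/workflow.yml  (first steps of the build job only)
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: ./.github/actions/create_envfile
        with:
          client_id: ${{ secrets.CLIENT_ID }}
          client_secret: ${{ secrets.CLIENT_SECRET }}
```

The resulting .env holds the secrets in plain text on the runner, so keep it out of uploaded artifacts and caches.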