Allow variables in strategy.matrix.include

I am trying to create a matrix job that will test our dev, test, and prod environments in parallel. However each env has different credentials that need to be passed in to authenticate.

I tried something like this

strategy:
      matrix:
        include:
          - aws-access-key-id: ${{ secrets.DEV_ACCESS_KEY }}
            aws-secret-access-key: ${{ secrets.DEV_SECRET_KEY }}
          - aws-access-key-id: ${{ secrets.TEST_ACCESS_KEY }}
            aws-secret-access-key: ${{ secrets.TEST_SECRET_KEY }}
          - aws-access-key-id: ${{ secrets.PROD_ACCESS_KEY }}
            aws-secret-access-key: ${{ secrets.PROD_SECRET_KEY }}

But I get an ‘Invalid workflow file’ error. So far I have only been able to get the includes to take a string.

Any ideas on how to get this to work?

I did find a similar issue Setting strategy.matrix to variable value returns a "invalid workflow file" error · Issue #751 · actions/runner · GitHub

Thanks for the link, it was interesting, but I am having a hard time seeing how this solves the problem I am facing.

Create a job that receives the single secret once. Have it generate the entire matrix as a JSON object using the variable as many times as you need. Have it serialize to string and create an output.

Your matrix job then just deserializes the output from that job.

I have given up on matrices, there are too many limitations, the main one for me being that you can’t use matrix values in needs.

So what we have done in my team is to make a script that unrolls all matrices before we push. This way you can do anything with matrices you can do other places.