Chaining Actions

I have 2 individual actions, which I’d like to be able chain together. Reading the docs, that doesn’t seem to be possible using GITHUB_TOKEN? https://docs.github.com/en/actions/configuring-and-managing-workflows/authenticating-with-the-github_token#using-the-github_token-in-a-workflow

on:
  push:
    branches:
      - master
name: Git Tag
env:
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
  check_version:
    name: Check Version
    runs-on: ubuntu-latest
    outputs:
      git_tag_name: ${{ steps.tag_check.outputs.git_tag_name }}
    steps:
      - uses: actions/checkout@v2 # https://github.com/actions/checkout
      - uses: dudo/tag_check@v1.0.1
        id: tag_check
        with:
          git_tag_prefix: v
  push_tag:
    name: Push Tag
    needs: check_version
    runs-on: ubuntu-latest
    steps:
    - name: Push Tag to GitHub
      run: |
        curl -s -H "Authorization: token ${GITHUB_TOKEN}" \
        -d "{\"ref\": \"refs/tags/${{needs.check_version.outputs.git_tag_name}}\", \"sha\": \"${GITHUB_SHA}\"}" \
        "https://api.github.com/repos/${GITHUB_REPOSITORY}/git/refs"

which I’d like to kick off:

on:
  push:
    tags:
      - v*
name: Docker Tag
jobs:
  docker:
    name: Build and push Docker Image
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2 # https://github.com/actions/checkout
      - name: Set ENV
        run: echo ::set-env name=INPUT_REPOSITORY::$GITHUB_REPOSITORY/${GITHUB_REPOSITORY##*/}
      - uses: docker/build-push-action@v1 # https://github.com/marketplace/actions/build-and-push-docker-images
        with:
          username: $GITHUB_ACTOR
          password: ${{ secrets.GITHUB_TOKEN }}
          registry: docker.pkg.github.com
          repository: ${{ env.INPUT_REPOSITORY }}
          tag_with_ref: true

Is there a way to do this? Do I just need to use my own token?

I am no expert, but I am pretty sure that you can not have a workflow activate another workflow.

Yes, you need to use a repo scoped PAT to allow the first workflow to trigger the second.

See https://docs.github.com/en/actions/reference/events-that-trigger-workflows#triggering-new-workflows-using-a-personal-access-token

Yes, you need to use a repo scoped PAT to allow the first workflow to trigger the second.

See https://docs.github.com/en/actions/reference/events-that-trigger-workflows#triggering-new-workflows-using-a-personal-access-token

Oh, I didn’t know that. Thanks!

So, to keep this action as generic as possible, I didn’t like having to create a PAT, so I just grouped it into one Action. Feels appropriate, really, since I don’t want a new image unless I have a new tag.

on:
  push:
    branches:
      - master
name: Git Tag
env:
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
  check_version:
    name: Check Version
    runs-on: ubuntu-latest
    outputs:
      git_tag_name: ${{ steps.tag_check.outputs.git_tag_name }}
    steps:
      - uses: actions/checkout@v2 # https://github.com/actions/checkout
      - uses: dudo/tag_check@v1.0.1
        id: tag_check
        with:
          git_tag_prefix: v
  push:
    name: Push Tag & Image
    needs: check_version
    runs-on: ubuntu-latest
    steps:
    - name: Push Tag to GitHub
      run: |
        curl -s -H "Authorization: token ${GITHUB_TOKEN}" \
        -d "{\"ref\": \"refs/tags/${{needs.check_version.outputs.git_tag_name}}\", \"sha\": \"${GITHUB_SHA}\"}" \
        "https://api.github.com/repos/${GITHUB_REPOSITORY}/git/refs"
    - name: Set ENV
      run: echo ::set-env name=INPUT_REPOSITORY::$GITHUB_REPOSITORY/${GITHUB_REPOSITORY##*/}
    - uses: actions/checkout@v2 # https://github.com/actions/checkout
    - name: Push Image to GitHub
      uses: docker/build-push-action@v1 # https://github.com/marketplace/actions/build-and-push-docker-images
      with:
        username: $GITHUB_ACTOR
        password: ${{ secrets.GITHUB_TOKEN }}
        registry: docker.pkg.github.com
        repository: ${{ env.INPUT_REPOSITORY }}
        tags: ${{ needs.check_version.outputs.git_tag_name }}