In trying to use the new environment feature in github actions, it appears that it isn’t possible to set a URL for an environment if it may contain secrets. I see this in the logs:
Warning: Skip setting environment url as environment
<environment>may contain secret.
Given that most deployments will probably require some sort of secrets to deploy, is this intended? If so, is there a way around it or what is the underlying reason for this behavior?
Are you using the secrets context there for some reason?
Meaning are you specifically referencing a secret in the url property of the environment key.
Thanks for your reply @chrispat and apologies for not following up earlier.
No, not referencing a secret in the URL. I’m only using github.event.number to form the URL.
It actually seems to be an error unrelated to secrets - what I see on the workflow overview page is this error:
System.AggregateException: One or more errors occurred. (Unexpected type 'BasicExpressionToken' encountered while reading 'Error in Environment Url for <environment>'. The type 'StringToken' was expected.)
The relevant lines from the workflow spec look like this:
environment:
name: environment-${{ github.event.number }}
url: https://environment-${{ github.event.number }}.example.com
Do you perhaps have a more complete example of your workflow? We are not able to reproduce this issue.
Hello,
Do you have a minimalistic repro or a build where you could share?
We tried this:
name: EnvironmentURLIssue
on:
workflow_dispatch:
pull_request:
jobs:
build:
environment:
name: environment-${{ github.event.number }}
url: https://environment-${{ github.event.number }}.example.com
runs-on: ubuntu-latest
steps:
- name: hello world
run: |
echo hello world
- id: env-url-step
name: set environment URL data
run: echo "::set-output name=url::https://github.com"
Which seems to work fine.
Hi @yaananth thanks for your response - here is an example run where the error occurs: fix typo · SwissDataScienceCenter/renku@320fdab · GitHub
Thanks, we will investigate!
We repro’d this, while we will fix so that you won’t get that error and make workflow stuck, what’s happening in terms of URL not getting set is by design.
You probably have some part of the URL as a secret.
For example, I can repro this, if I make a secret “DEV” with value “dev”.
Now if I reference that secret somewhere in my workflow. It’s considered as a secret. If ur URL has “dev” in it, it’s a secret, so we skip setting that.