Generating and using a JWT in a composite action #26309
-
Howdy! I am writing a composite action that first retrieves a JWT through a login-type api call, and then uses it as authentication bearer for Greetz, |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments
-
Where is the
TheYoctoJester/mender-push-artifact/blob/69e1e612bb0c0cf62e65f1acafc4f643e7745842/action.yml#L22
That’s in a different step though, which runs in a separate shell, so its variables are long gone by the time |
Beta Was this translation helpful? Give feedback.
-
Thanks, yeah… the variable wasn’t being handled correctly. Being rather new to GA, coming from classic shell scripting. It seems to work now with the assignment being written into $GITHUB_ENV, and retrieved with Just a small follow-up - how does this compare to the output strategy that you mentioned? Up-/downsides? Thanks a lot! |
Beta Was this translation helpful? Give feedback.
-
TheYoctoJester:
Writing to Well, and there’s the potential that something in the calling workflow also defined a |
Beta Was this translation helpful? Give feedback.
Writing to
GITHUB_ENV
will make the token available to everything running in all later steps, including outside the composite action. Considering you’re handling an authentication token I’d consider that a security risk.Well, and there’s the potential that something in the calling workflow also defined a
JWT
environment variable before and expects it to be available later.