GitHub Actions cannot read PERSONAL_ACCESS_KEY from secrets

GitHub Actions cannot read PERSONAL_ACCESS_KEY from secrets, I added to PERSONAL_ACCESS_KEY secrets, this is my workflow:

      - name: Add comment to PR
          URL: ${{ github.event.pull_request.comments_url }}
          ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_KEY }}  # always null
        run: |
          curl \
            -X POST \
            $URL \
            -H "Content-Type: application/json" \
            -H "Authorization: token $ACCESS_TOKEN" \
            --data '{ "body": "hello" }'

You can visit GitHub Actions log:

I guess I hit GitHub Actions BUG :rofl:

Thank you for your time.

Hi @nodece
I find that you merged a commit from a fork repo.

As mentioned in the document: With the exception of GITHUB_TOKEN , secrets are not passed to the runner when a workflow is triggered from a forked repository. So this is the reason why you meet the above issue.

A good news is that GitHub engineers are working on a way to improve this behavior. You could keep an eye on Github Changelog . Once this feature is released, we will update there.

1 Like

thank you for your answer, I know what to resolve it.

I look forward the feature.