GitHub Secret not visible on first workflow run

Hi,

While the below works perfectly for most users, I’ve now had 3 different users reach out to us because when we added our workflow to their repo and when that workflow ran – it couldn’t find the secret they’d just entered.

And in all cases, the user rerunning the workflow resolved the problem.

Users:

  1. Add our API Token as a secret in their repository secrets, then confirm they’ve done so.
  2. Our GitHub App posts a PR (or makes a commit direct to default branch if not protected) with our workflow to their repo, which immediately triggers it to run
  3. The first run (sometimes), it fails because it doesn’t see the secret they just added
  4. We ask them to “rerun all jobs”, and then it works! They make no other changes.

Why is the workflow triggered by our app not able to view secrets seemingly randomly? Is this a bug on GitHub’s side?

In the workflow, the secret is read like this:

      - name: run
        id: run
        uses: <our action>
        with:
          api_token: ${{ secrets.SECRET_NAME }}
1 Like

Actually, a little more info for you / tech support. This problem appears to be pretty inconsistent. While all four of these users followed the same flow to install the CodeSee Maps workflow and secret on their repository in the last week or so, some workflow runs were able to access secrets and some failed to. And, in every case, our GitHub app made a commit directly to the repo’s default branch in order to add the workflow.

FAILED

garimasingh128/gitsetgo - as of now, still has not rerun, so you can see the failure in the “run” section of the logs (linked)

avneesh0612/ChatCube - reran and it succeeded

SUCCEEDED

Logerfo/csharp-colors - succeeded on first attempt

akshat157/meditate-app - succeeded on first attempt