How to "environmentalize" a workflow? #25776
-
I’m trying to understand how you can “environmentalize” a Github actions workflow, that is, have a workflow use different values depending on the environment. Here is my use-case:
Configuring an environment is as simple as this:
My question is what is the best way to have my workflow ensure all environments will be configured. I’ve done a bit of searching for this answer, but haven’t found anything. The only option I’ve seen so far is to use Github actions contexts which would result in my workflow having a step for each environment where i have an
That seems like a really suboptimal solution since most of my *.yml file will be conditional steps to configure AWS. This discussion seemed to offer a potential solution, but the syntax is such that I’m not sure how I’d use it. |
Beta Was this translation helpful? Give feedback.
Replies: 10 comments
-
The basic idea is to set the keys as environment secrets and then always use the same name. Then you can use your
|
Beta Was this translation helpful? Give feedback.
-
@cschleiden When you say “environment”, what are you referring to? Is there a concept of environments in Github or the secrets module (which I’m unfamiliar with) where you can use the same secret ID for different values? |
Beta Was this translation helpful? Give feedback.
-
Yes, please see: Environments - GitHub Docs And specifically this section: Environments - Secrets - GitHub Docs |
Beta Was this translation helpful? Give feedback.
-
@cschleiden This appears to be exactly what I need. That said, my repos are private and my organization has GitHub Enterprise. I’m seeing some statements in the page you linked that I’m interpreting as conflicting and I’m unclear if, given my situation, environment secrets are an option. In the purple box, it reads “Environments, environment protection rules, and environment secrets are available in public repositories for all products and in private repositories for GitHub Enterprise.” But then in the About environments section, it says “Environment protection rules and environment secrets are only available on public repositories.” Are you able to say if environment secrets work for private repos with GitHub Enterprise? |
Beta Was this translation helpful? Give feedback.
-
@mellis481 That appears to be a bug in our documentation 😬 We’ll get that fixed. On an enterprise plan environments (and all associated features) are also available for private repositories. |
Beta Was this translation helpful? Give feedback.
-
@cschleiden I’m just now realizing that it appears the environment secrets are at the repository-level not organization-wide. Is that correct? If so, then it would appear this solution is not going to be satisfactory for me because the environment-based secrets I need go across numerous repositories in my organization. |
Beta Was this translation helpful? Give feedback.
-
Yes, environment are repository scoped. |
Beta Was this translation helpful? Give feedback.
-
@cschleiden are organization-level secrets on any roadmap? |
Beta Was this translation helpful? Give feedback.
-
@cschleiden I too am interested in org-wide per-env secrets. |
Beta Was this translation helpful? Give feedback.
-
@ cschleiden Is there any plan to bring this to Pro and not force small companies to upgrade to Enterprise? We’re boot-strapped and cash-poor. This seems like one that every single organization needs, not just enterprises and open source projects. |
Beta Was this translation helpful? Give feedback.
Yes, please see: Environments - GitHub Docs
And specifically this section: Environments - Secrets - GitHub Docs