How to inherit secrets when reusing workflows in Github Actions

It was recently posted on the Github changelog blog that it’s now possible to inherit secrets between workflows and I went to understand better how it works in the link at the end of the article (Reusing workflows - GitHub Docs).

I tried to use it in a project that I’m working on in the same way as it’s explained in the documentation but it didn’t work. See the print below.

I also tried using secrets: inherit in the on.workflow_call property in the ci.yml file but that didn’t work either.

Can someone explain why it’s not working or what i’m doing wrong?
Thanks

The first one doesn’t work because you’re trying to call the reusable workflow in a step, which isn’t possible (that’s for custom actions). A reusable workflow must be called at the job level.

Point three under Using inputs and secrets in a reusable workflow has an example. I notice it also says there:

Workflows that call reusable workflows in the same organization or enterprise can use the inherit keyword to implicitly pass the secrets.

I hope that doesn’t mean you can’t use that for workflows owned by the same personal account. :thinking:

I hope that doesn’t mean you can’t use that for workflows owned by the same personal account. :thinking:

It almost certainly means exactly that.

Just create an organization. They’re free. I have a couple.

1 Like

Thanks, now it’s working as expected. It was just a lack of attention.

And about the concern of the repository being in an organization or a personal account, I didn’t have any issues with that.

The final file version for future visitors:

name: Deploy

on:
  push:
    branches: [main]

jobs:
  tests:
    uses: ./.github/workflows/ci.yml
    secrets: inherit

  deploy:
    runs-on: ubuntu-latest
    needs: tests
    steps:
      - uses: actions/checkout@v3
      - name: Deploy
        run: echo 'DEPLOY NEW VERSION!'
2 Likes

What does your reusable workflow look like? inheriting secrets seems so broken… Errors suggest I have to specify exact secrets, but documentation says I can inherit. feat: compose github actions by SgtPooki · Pull Request #128 · ipfs-shipyard/pinning-service-compliance · GitHub