Invalid secret, github-token is not defined in the referenced workflow #26749

schalkneethling · 2021-11-25T14:27:16Z

schalkneethling
Nov 25, 2021

I have the following GitHub Action setup for reuse:

  <a href="https://github.com/mdn/workflows/blob/d971cc3696bf46ae32617e058393e45cec55ff85/.github/workflows/auto-merge.yml" target="_blank" rel="noopener nofollow ugc">github.com</a>

mdn/workflows/blob/d971cc3696bf46ae32617e058393e45cec55ff85/.github/workflows/auto-merge.yml

<pre><code class="lang-yml">name: auto-merge

on: [workflow_call]

jobs:
auto-merge:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: ahmadnassri/action-dependabot-auto-merge@v2
with:
target: minor
github-token: ${{ secrets.GH_TOKEN }}

I am reusing it here: mdn-minimalist/auto-merge.yml at 4c2fd5a9fe02c844788001064d72d98dc2ef801b · mdn/mdn-minimalist · GitHub

When the action on mdn-minimalist is run, I get the following error:

Invalid secret, github-token is not defined in the referenced workflow

I am kinda stumped as it definitely looks to be defined in the referenced workflow. Any ideas? Is there a naming convention that I am missing? Thing is, the auto-merge action expects a github-token property so, I cannot simply name it token. Thank you in advance.

Answered by airtower-luna

Nov 25, 2021

The reusable workflow needs to declare which secrets can be passed to it, see the documentation on on.workflow_call.secrets. That’s missing in your reusable workflow, you probably need something like this:

on:
  workflow_call:
    secrets:
      GH_TOKEN:
        description: 'A token passed from the caller workflow'
        required: true

And also make sure to use the same name when passing the secret from the calling workflow.

View full answer

airtower-luna · 2021-11-25T15:50:22Z

airtower-luna
Nov 25, 2021

The reusable workflow needs to declare which secrets can be passed to it, see the documentation on on.workflow_call.secrets. That’s missing in your reusable workflow, you probably need something like this:

on:
  workflow_call:
    secrets:
      GH_TOKEN:
        description: 'A token passed from the caller workflow'
        required: true

And also make sure to use the same name when passing the secret from the calling workflow.

0 replies

schalkneethling · 2021-11-25T15:51:28Z

schalkneethling
Nov 25, 2021
Author

Oh brilliant! Thanks so much.

0 replies

anilbey · 2024-03-04T15:39:12Z

anilbey
Mar 4, 2024

The working solution as of 2024: https://stackoverflow.com/a/69495861/1935611

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Community

Invalid secret, github-token is not defined in the referenced workflow #26749

{{title}}

Replies: 3 comments

{{title}}

{{title}}

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Select a reply

GitHub Community

Invalid secret, github-token is not defined in the referenced workflow #26749

schalkneethling Nov 25, 2021

mdn/workflows/blob/d971cc3696bf46ae32617e058393e45cec55ff85/.github/workflows/auto-merge.yml

Replies: 3 comments

airtower-luna Nov 25, 2021

schalkneethling Nov 25, 2021 Author

anilbey Mar 4, 2024

schalkneethling
Nov 25, 2021

airtower-luna
Nov 25, 2021

schalkneethling
Nov 25, 2021
Author

anilbey
Mar 4, 2024