Scheduled workflow can't access secrets #25955

douglatornell · 2020-07-06T17:41:23Z

douglatornell
Jul 6, 2020

I recently added an on: schedule: trigger to a workflow that has been working fine via its on:push: trigger for some time. The workflow sends notifications to a couple of Slack channels via webhook URL stored in secrets. The schedule-triggered action fails to notify the Slack channels with the message ##[error]Cannot read property 'url' of undefined.

Here is an example of the failure:

GitHub

SalishSeaCast/NEMO-Cmd

NEMO command processor, a command line tool for doing various operations associated with the running NEMO (and other) ocean models. This an extensible tool built on the OpenStack cliff (Command Li...

This looks to me like the scheduled workflow is being blocked from accessing secrets, but I can’t find anything in the docs that tells me that should be the case. I’m seeing this in several repos, some of which use organization secrets, others that use repo secrets.

Is this a known issue that I am failing to find in my searching, or am I doing something wrong?

Answered by cschleiden

Jul 6, 2020

@douglatornell Scheduled workflows do receive secrets. Looking at your example, you can also see the masked secrets (the ***), so some value was passed to the action.

image703×259 55.5 KB

The problem is with the action you’re calling, looking at the code it tries to read head_commit from the JSON payload. That doesn’t exist for scheduled workflows and leads to this error:

github.com

pioug/le-slack-message/blob/087c7c6d7af33952a5b9bb49a72ed90489277cd2/index.js#L20


const ACTION_NAME = core.getInput("ACTION_NAME");
const JOB = JSON.parse(core.getInput("JOB", { required: true }));
const SLACK_WEBHOOK_URL = core.getInput("SLACK_WEBHOOK_URL", {
  required: true
});


const message = new Inco…

View full answer

cschleiden · 2020-07-06T21:22:36Z

cschleiden
Jul 6, 2020
Collaborator

@douglatornell Scheduled workflows do receive secrets. Looking at your example, you can also see the masked secrets (the ***), so some value was passed to the action.

image703×259 55.5 KB

The problem is with the action you’re calling, looking at the code it tries to read head_commit from the JSON payload. That doesn’t exist for scheduled workflows and leads to this error:

github.com

pioug/le-slack-message/blob/087c7c6d7af33952a5b9bb49a72ed90489277cd2/index.js#L20


const ACTION_NAME = core.getInput("ACTION_NAME");
const JOB = JSON.parse(core.getInput("JOB", { required: true }));
const SLACK_WEBHOOK_URL = core.getInput("SLACK_WEBHOOK_URL", {
  required: true
});


const message = new IncomingWebhook(SLACK_WEBHOOK_URL);
await message.send({
  attachments: [
    {
      title: `${ACTION_NAME} in <${GITHUB_EVENT.head_commit.url}/checks|${GITHUB_WORKFLOW}>: ${JOB.status}`,
      color: {
        Success: "good",
        Cancelled: "warning",
        Failure: "danger"
      }[JOB.status],
      fields: [
        {
          value: `${GITHUB_EVENT.head_commit.message.split("\n")[0]} _(<${
            GITHUB_EVENT.head_commit.url
          }|${GITHUB_EVENT.ref.replace(

0 replies

douglatornell · 2020-07-06T21:54:51Z

douglatornell
Jul 6, 2020
Author

Thanks @cschleiden ! I had looked at the action code but didn’t connect the dots about it trying to read a non-existent head_commit. I’ll see if I can engage with the action author to collaborate on a we of resolving this.

0 replies

douglatornell · 2020-07-15T19:17:25Z

douglatornell
Jul 15, 2020
Author

For anyone who find this thread in the future: I couldn’t find an obvious good way to enable pioug/le-slack-message@v1.0.0 to work for schedule events, so I changed to use 8398a7/action-slack@v3 for Slack notifications.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Community

Scheduled workflow can't access secrets #25955

{{title}}

Replies: 3 comments

{{title}}

{{title}}

{{title}}

Select a reply

GitHub Community

Scheduled workflow can't access secrets #25955

douglatornell Jul 6, 2020

SalishSeaCast/NEMO-Cmd

pioug/le-slack-message/blob/087c7c6d7af33952a5b9bb49a72ed90489277cd2/index.js#L20

Replies: 3 comments

cschleiden Jul 6, 2020 Collaborator

pioug/le-slack-message/blob/087c7c6d7af33952a5b9bb49a72ed90489277cd2/index.js#L20

douglatornell Jul 6, 2020 Author

douglatornell Jul 15, 2020 Author

douglatornell
Jul 6, 2020

cschleiden
Jul 6, 2020
Collaborator

douglatornell
Jul 6, 2020
Author

douglatornell
Jul 15, 2020
Author