"Skip job output since it may contain secret" error - even it's definitely not a github secret

Hi everyone !

Due to the current limitations of Actions inputs UI we are using preparation step at our workflows, to prepare a json-like value for next step’s strategy.matrix directive

example workflow:

name: Application build
on:
  workflow_dispatch:
    inputs:
      builds:
        description: 'Target builds. Valid builds - dev,stage,prod'
        required: true
        default: 'dev'

jobs:
  parse_input:
    name: Parse input parameters
    runs-on: [self-hosted, macOS]
    outputs:
      userinput: ${{ steps.tojson.outputs.userinput }} 
    steps:
    
    - name: Checkout repository
      uses: actions/checkout@v2

    - name: Form json
      id: tojson
      run: |
        chmod +x parseinput.sh
        ./parseinput.sh ${{ github.event.inputs.builds }}
        echo "::set-output name=userinput::{include:[{build:dev}]}"
      working-directory: .github/

    - name: Echo output
      run: echo ${{ steps.tojson.outputs.userinput }}

  android_build:
    name: Build android app
    strategy:
      matrix: ${{ fromJson(needs.parse_input.outputs.userinput) }}
      fail-fast: false
    runs-on: [self-hosted, macOS]
    continue-on-error: true
    needs: parse_input
    steps: ....

Everything worked smooth, parseinput.sh script forms output parse_input.outputs.userinput JSON-like:
{“include”:[{“build”:“dev”}]}
and output was successfully passed as matrix:${{ fromJson(needs.parse_input.outputs.userinput) }} to the next jobs in workflow.

Now i’m trying to add a new workflow to the same repo, with same combination of parse_input step and matrix:${{ fromJson(needs.parse_input.outputs.userinput) }} at next steps, and now receiving errors at preparation step like:

Warning: Skip output 'userinput' since it may contain secret.

Output ‘userinput’ now looks like ***include:[***build:dev***]***

Seems “{” and “}” symbols now somehow recognized as Github secrets.

  • No output sent to the next jobs at workflow, so that workflow is always failure after first step.
  • No new secrets are added at repo or org level.
  • Identical workflows at the same and other repositories within organization continue to work perfectly.

Am I missed something ? Any help,hints, and suggestions will be appreciated, this not-a-secret-but-top-secret output issues are really annoying

Actually, couple weeks ago same issue at the same repository was fixed by changing workflow name (not renaiming of workflow.yml file itself)

Didn’t help this time

I have same issue Skip output 'order' since it may contain secret. after adding action google-github-actions/get-secretmanager-secrets@main to job.