Unrecognized named-value: 'secrets' in action.yml

I have an action.yml like this, which I want it to be called and trigger the following action.

name: "homelab trigger"
description: "Trigger deployment for homelab workflow"
author: "winston0410"
inputs:
  github-token:
    description: "The GitHub token used to create an authenticated client"
    default: ${{ github.token }}
    required: false
runs:
  using: "composite"
  steps:
    - uses: octokit/request-action@v2.x
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        REQUEST_BODY: |
          - "event_type": "build_application"
      with:
        route: POST /repos/winston0410/homelab/dispatches
        owner: octokit
        repo: request-action
        body: ${{ toJSON(env.REQUEST_BODY) }}

But right now I got this error:

Error: winston0410/homelab/9a3e086b017e16f924daa7f3cc0bdffd6a0d5877/action.yml (Line: 14, Col: 23):
Error: winston0410/homelab/9a3e086b017e16f924daa7f3cc0bdffd6a0d5877/action.yml (Line: 14, Col: 23): Unrecognized named-value: 'secrets'. Located at position 1 within expression: secrets.GITHUB_TOKEN
Error: GitHub.DistributedTask.ObjectTemplating.TemplateValidationException: The template is not valid. winston0410/homelab/9a3e086b017e16f924daa7f3cc0bdffd6a0d5877/action.yml (Line: 14, Col: 23): Unrecognized named-value: 'secrets'. Located at position 1 within expression: secrets.GITHUB_TOKEN

Can I use secret in action.yml?

No. If your action needs a secret, the workflow has to provide it as an input. I notice that you already have a token input, why not use that?

1 Like