0

I want to use the secrets of a called workflow residing inside a different repository from the caller workflow. How can I use them?

Action 1 (Inside repo X)

name: Call GitHobbit

on:
  push:
    branches:
      - 'main'

jobs:
  call-workflow:
    uses: mehtakaran9/githobbit/.github/workflows/actions.yml@main
    with:
      owner: mehtakaran99
      repository: test-app-js
      branch: main
      target-branch: typescript
      file-mode: false

Action 2 (Repo Y):

name: Run automated typer

on:
  workflow_call:
    inputs:
      owner: 
        required: true
        type: string
      repository:
        required: true
        type: string
      branch:
        required: true
        type: string
      target-branch:
        required: true
        type: string
      file-mode:
        required: true
        type: boolean
      files:
        required: false
        type: string
      working-directory:
        required: false
        type: string
        default: '.'

env:
  GH_TOKEN: ${{ secrets.ACCESS_TOKEN_PAT_CLASSIC }}

jobs:
  directory-typer:
    runs-on: ubuntu-latest
    if: ${{ inputs.working-directory }} != null && ${{ inputs.file-mode }} == false
    steps:
      # Add forking step
      - name: Forking the repo
        run: gh repo fork ${{ inputs.owner }}/${{ inputs.repository }} --clone --remote

The secret GH_TOKEN: ${{ secrets.ACCESS_TOKEN_PAT_CLASSIC }} resides inside the repo Y action secrets.

But I get the following error when the workflow is executed:

Run gh repo fork mehtakaran99/test-app-js --clone --remote

gh: To use GitHub CLI in a GitHub Actions workflow, set the GH_TOKEN environment variable. Example:

env: GH_TOKEN: ${{ github.token }}

Karan Mehta
  • 9
  • 2
  • Hope this answer's your question [Using inputs and secrets in a reusable workflow](https://docs.github.com/en/actions/using-workflows/reusing-workflows#using-inputs-and-secrets-in-a-reusable-workflow) – Haridarshan Apr 25 '23 at 10:32
  • Nope it does not. I already checked it out, that is for the caller's workflow passing secrets to the called workflow. My case is different. – Karan Mehta Apr 25 '23 at 12:13
  • No, it's not different. Simply pass required `secrets` in Action 1 and get those secrets in Action 2 just like you're fetching `inputs` – Haridarshan Apr 25 '23 at 14:13
  • Please read the question, the secret lies in REPO Y (which is the reusable workflow). Hence, Action 1 does not have access to the secret whatsoever. The secret lies in the repository in which Action 2 is contained. – Karan Mehta Apr 26 '23 at 11:19
  • Sorry, my mistake. Pass `GH_TOKEN` as `env` to step **Forking the repo**. – Haridarshan Apr 26 '23 at 11:53
  • ` - name: Forking the repo env: GH_TOKEN: ${{ secrets.ACCESS_TOKEN_PAT_CLASSIC }} run: gh repo fork ${{ inputs.owner }}/${{ inputs.repository }} --clone --remote ` – Haridarshan Apr 26 '23 at 11:54

0 Answers0