Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handling 'system reserved names' like actions_step_debug #130

Closed
djthornton1212 opened this issue Apr 1, 2022 · 4 comments
Closed

Handling 'system reserved names' like actions_step_debug #130

djthornton1212 opened this issue Apr 1, 2022 · 4 comments
Labels
bug Something isn't working

Comments

@djthornton1212
Copy link

Situation:

Hello,
I have a step in my workflow_call that makes use of GitHub Actions system secrets like ${{ secrets.ACTIONS_STEP_DEBUG }}. Action lint sees this as an error reporting the following error:

property "actions_step_debug" is not defined in object type

I understand that this error is reported because it's not referenced in the inputs section under workflow_call:.
Being that this is a "system reserved" secret/variable we can't include it in the inputs without receiving the following error:

secret name ACTIONS_STEP_DEBUG within workflow_call can not be used since it would collide with system reserved name

How to reproduce:

Create a workflow_call and in a step use a system reserved name/secret like ${{ secrets.ACTIONS_STEP_DEBUG }}.

Expected behavior:

Actionlint should ignore the fact that system reserved names are included in a workflow_call as they cannot be added as inputs.

Version Used:

Super-linter: 4.9.1
Actionlint: 1.6.10
@rhysd rhysd added the bug Something isn't working label Apr 6, 2022
@rhysd
Copy link
Owner

rhysd commented Apr 6, 2022

I could not reproduce this.

I prepared the following tiny workflow:

on: push

jobs:
  some_job:
    runs-on: ubuntu-latest
    steps:
      - run: echo ${{ secrets.ACTIONS_STEP_DEBUG }}

and I ran:

actionlint ./test.yaml

but it did not report any error.

Is there any other pre-condition?

@rhysd rhysd added the not-reproducible Issues which cannot be reproduced by maintainer label Apr 7, 2022
@rhysd
Copy link
Owner

rhysd commented Apr 7, 2022
edited

OK, I think I understood what you meant.

Create a workflow_call

This means a workflow like below, am I correct? (not a caller, but a callee of reusable workflow)

on:
  workflow_call:

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - run: echo ${{ secrets.ACTIONS_STEP_DEBUG }}

Then I could get the following error.

test.yaml:8:23: property "actions_step_debug" is not defined in object type {github_token: string} [expression]
  |
8 |       - run: echo ${{ secrets.ACTIONS_STEP_DEBUG }}
  |                       ^~~~~~~~~~~~~~~~~~~~~~~~~~

Currently secrets.GITHUB_TOKEN is treated as secrets set by system. So it does not cause an error when it is used without being defined in the workflow call definitiion. I think I can add more presets.

@rhysd
Copy link
Owner

rhysd commented Apr 7, 2022

I don't know what secrets are actually reserved. If you have any official document for the list of such secrets, please let me know the pointer.

@rhysd rhysd removed the not-reproducible Issues which cannot be reproduced by maintainer label Apr 7, 2022
@rhysd rhysd closed this as completed in ae6b1fa Apr 7, 2022
@djthornton1212
Copy link
Author

I'll see if I can find a document

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rhysd @djthornton1212