OPENAI_API_KEY configuration error: Issues during GitHub Action execution

[HyoJeong1019]

I have a problem with OPENAI_API_KEY not being recognized.

• In the first attempt, I set the OPENAI_API_KEY variable in the Variables tab. The GitHub Action runs, but OPENAI_API_KEY is empty, and the error message says it cannot be found.
  

• In the second attempt, I set up the YAML file like this and pushed it, but OPENAI_API_KEY is still empty.

• Despite setting up the OPENAI_API_KEY in Actions secrets and variables, you are still encountering an issue where the OPENAI_API_KEY value is not being recognized.

name: Code Review

permissions:
  contents: read
  pull-requests: write

on:
  pull_request:
    types: [opened, synchronize]

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: anc95/ChatGPT-CodeReview@main
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}

Please tell me how to solve the problem.🥲

[anc95]

@julian-jeong is your pull request from one forked repo to the main repo?

[HyoJeong1019]

@anc95 This is pull request for the "a branch" that originated from the "main branch". Please refer to the attached image.

[anc95]

@julian-jeong Your setup should be fine, I suggest creating a simple GitHub action demo to test it out, such as https://docs.github.com/en/actions/security-guides/encrypted-secrets#example-using-bash.

[XiaoRIGE]

Have you solved this problem? I seem to have encountered the same situation

[anc95]

@XiaoRIGE It may not be a code bug, but rather some restrictions on the use of GitHub secrets. I am unable to reproduce it, so at the moment I have no idea how to assist with this.

[mralexandernickel]

@anc95 it looks like here is the problem:

ChatGPT-CodeReview/src/bot.ts

Line 18 in 17cbc89

'GET /repos/{owner}/{repo}/actions/variables/{name}',

🔝 this code is executed even though it seems to be not needed. when this variable is added inside the repository, then the error is gone... no matter which value the variable has (does not need to be an api key)

[anc95]

@mralexandernickel

ChatGPT-CodeReview/src/bot.ts

Lines 10 to 19 in 17cbc89

	if (process.env.OPENAI_API_KEY) {
	return new Chat(process.env.OPENAI_API_KEY);
	}
	const repo = context.repo();
	try {
	const { data } = (await context.octokit.request(
	'GET /repos/{owner}/{repo}/actions/variables/{name}',
	{

If OPEN_API_KEY is properly set, the code should go into the first if statement. However, it seems that the secret was not successfully injected to the environment when running the GitHub action. This has resulted in falling back to querying the OPENAI_API_KEY in the variable. Setting the key in the variable when using GitHub action integration is not recommended. This is because GitHub displays the variable in the action running log, which compromises security.

[mralexandernickel]

@anc95 yeah i have seen that, but the interesting part is, that our OPENAI_API_KEY in fact is set up correctly, and we also get responses/comments from chatgpt in our pul requests afterwards. 🤷

so in fact "it is working", but we get that strange comment that the variable is not set. for us we have set up the OPENAI_API_KEY as an organization secret, even though I can not see a reason why that should be a problem...escpecially since it is working. really strange. 🤔

[mralexandernickel]

@anc95

This could also be a hint to the problem:

the comment about "api key variable not set up" seem to be created via default GITHUB_TOKEN (commet is made by user "cr-gpt"), even though we have added a PAT in the yaml to be used. and the comment after that, with the response coming from chatgpt is then made by using the PAT we have set via yaml. maybe that information could be helping...

[anc95]

@mralexandernickel it seems that you setup both GitHub action and GitHub app integrations. The warning comment is sent by GitHub app. So try to remove the GitHub app from your repo to see if it will be no warning in comment.

[mralexandernickel]

@anc95

🤦 exactly that has been the problem, thank you very much! I have removed the github app from our organization and instead only use the github action. now we got the behaviour we'd like to have 😊

sorry for my misunderstanding of setting up the integration, and thank you for your support and great work here!