Handle $GH_TOKEN
icculus opened this issue · comments
I had to add this to my GitHub Actions workflow step for setup-sdl:
env:
GH_TOKEN: ${{ github.token }}
Otherwise the gh
call will fail. Is there a way to have setup-sdl itself set this environment variable for itself, but only if the workflow didn't specify something more specific?
I don't think there's a way to get a token.
At least, it is not available in the environment.
GitHub actions environment
{
SELENIUM_JAR_PATH: '/usr/share/java/selenium-server.jar',
HOMEBREW_CLEANUP_PERIODIC_FULL_DAYS: '3650',
ANT_HOME: '/usr/share/ant',
HOME: '/home/runner',
BOOTSTRAP_HASKELL_NONINTERACTIVE: '1',
EDGEWEBDRIVER: '/usr/local/share/edge_driver',
DEPLOYMENT_BASEPATH: '/opt/runner',
JAVA_HOME_11_X64: '/usr/lib/jvm/temurin-11-jdk-amd64',
RUNNER_PERFLOG: '/home/runner/perflog',
HOMEBREW_NO_AUTO_UPDATE: '1',
JAVA_HOME_17_X64: '/usr/lib/jvm/temurin-17-jdk-amd64',
CONDA: '/usr/share/miniconda',
SWIFT_PATH: '/usr/share/swift/usr/bin',
STATS_EXTP: 'https://provjobdsettingscdn.blob.core.windows.net/settings/provjobdsettings-0.5.146+9/provjobd.data',
DEBIAN_FRONTEND: 'noninteractive',
ANDROID_NDK_HOME: '/usr/local/lib/android/sdk/ndk/25.2.9519653',
STATS_EXT: 'true',
JAVA_HOME_8_X64: '/usr/lib/jvm/temurin-8-jdk-amd64',
ACCEPT_EULA: 'Y',
XDG_RUNTIME_DIR: '/run/user/1001',
AGENT_TOOLSDIRECTORY: '/opt/hostedtoolcache',
ANDROID_HOME: '/usr/local/lib/android/sdk',
GOROOT_1_20_X64: '/opt/hostedtoolcache/go/1.20.5/x64',
STATS_RDCL: 'true',
VCPKG_INSTALLATION_ROOT: '/usr/local/share/vcpkg',
RUNNER_USER: 'runner',
GECKOWEBDRIVER: '/usr/local/share/gecko_driver',
ImageOS: 'ubuntu22',
STATS_TRP: 'true',
GOROOT_1_19_X64: '/opt/hostedtoolcache/go/1.19.10/x64',
GHCUP_INSTALL_BASE_PREFIX: '/usr/local',
ANDROID_SDK_ROOT: '/usr/local/lib/android/sdk',
JOURNAL_STREAM: '8:16959',
GITHUB_ACTIONS: 'true',
STATS_VMD: 'true',
NVM_DIR: '/home/runner/.nvm',
XDG_CONFIG_HOME: '/home/runner/.config',
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: '1',
DOTNET_NOLOGO: '1',
POWERSHELL_DISTRIBUTION_CHANNEL: 'GitHub-Actions-ubuntu22',
GOROOT_1_18_X64: '/opt/hostedtoolcache/go/1.18.10/x64',
ANDROID_NDK_ROOT: '/usr/local/lib/android/sdk/ndk/25.2.9519653',
CHROME_BIN: '/usr/bin/google-chrome',
STATS_NM: 'true',
JAVA_HOME: '/usr/lib/jvm/temurin-11-jdk-amd64',
USER: 'runner',
SGX_AESM_ADDR: '1',
LANG: 'C.UTF-8',
DOTNET_MULTILEVEL_LOOKUP: '0',
PIPX_BIN_DIR: '/opt/pipx_bin',
SYSTEMD_EXEC_PID: '664',
ANDROID_NDK: '/usr/local/lib/android/sdk/ndk/25.2.9519653',
ImageVersion: '20230625.1.0',
STATS_TIS: 'mining',
RUNNER_TOOL_CACHE: '/opt/hostedtoolcache',
PATH: '/home/runner/.local/bin:/opt/pipx_bin:/home/runner/.cargo/bin:/home/runner/.config/composer/vendor/bin:/usr/local/.ghcup/bin:/home/runner/.dotnet/tools:/snap/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin',
CHROMEWEBDRIVER: '/usr/local/share/chrome_driver',
STATS_V3PS: 'true',
RUNNER_TRACKING_ID: 'github_2d00b573-b0b4-4895-ae56-5621b4cd3c00',
ANDROID_NDK_LATEST_HOME: '/usr/local/lib/android/sdk/ndk/25.2.9519653',
LEIN_JAR: '/usr/local/lib/lein/self-installs/leiningen-2.10.0-standalone.jar',
GRADLE_HOME: '/usr/share/gradle-8.1.1',
AZURE_EXTENSION_DIR: '/opt/az/azcliextensions',
INVOCATION_ID: 'fd65337e64c54bacae42f1551baeb46f',
PERFLOG_LOCATION_SETTING: 'RUNNER_PERFLOG',
PIPX_HOME: '/opt/pipx',
LEIN_HOME: '/usr/local/lib/lein',
CI: 'true',
INPUT_VERSION: '3-head',
INPUT_SHELL: 'bash',
'INPUT_CMAKE-TOOLCHAIN-FILE': '',
'INPUT_PRE-RELEASE': 'true',
'INPUT_BUILD-TYPE': 'Release',
'INPUT_SDL-TEST': 'false',
INPUT_NINJA: 'true',
INPUT_DISCRIMINATOR: '',
'INPUT_ADD-TO-ENVIRONMENT': 'false',
INPUT_VERBOSE: 'false',
GITHUB_JOB: 'build',
GITHUB_REF: 'refs/heads/master',
GITHUB_SHA: '7d24aa9e3ff3accf0fa9104d42b4608bbd740df6',
GITHUB_REPOSITORY: 'madebr/issues',
GITHUB_REPOSITORY_OWNER: 'madebr',
GITHUB_REPOSITORY_OWNER_ID: '4138939',
GITHUB_RUN_ID: '5427577394',
GITHUB_RUN_NUMBER: '23',
GITHUB_RETENTION_DAYS: '90',
GITHUB_RUN_ATTEMPT: '2',
GITHUB_REPOSITORY_ID: '122216002',
GITHUB_ACTOR_ID: '4138939',
GITHUB_ACTOR: 'madebr',
GITHUB_TRIGGERING_ACTOR: 'madebr',
GITHUB_WORKFLOW: 'Build',
GITHUB_HEAD_REF: '',
GITHUB_BASE_REF: '',
GITHUB_EVENT_NAME: 'push',
GITHUB_SERVER_URL: 'https://github.com',
GITHUB_API_URL: 'https://api.github.com',
GITHUB_GRAPHQL_URL: 'https://api.github.com/graphql',
GITHUB_REF_NAME: 'master',
GITHUB_REF_PROTECTED: 'false',
GITHUB_REF_TYPE: 'branch',
GITHUB_WORKFLOW_REF: 'madebr/issues/.github/workflows/main.yml@refs/heads/master',
GITHUB_WORKFLOW_SHA: '7d24aa9e3ff3accf0fa9104d42b4608bbd740df6',
GITHUB_WORKSPACE: '/home/runner/work/issues/issues',
GITHUB_ACTION: 'sdl',
GITHUB_EVENT_PATH: '/home/runner/work/_temp/_github_workflow/event.json',
GITHUB_ACTION_REPOSITORY: 'madebr/setup-sdl',
GITHUB_ACTION_REF: 'experimental',
GITHUB_PATH: '/home/runner/work/_temp/_runner_file_commands/add_path_74480088-bcff-421d-8885-0f1811ff02ae',
GITHUB_ENV: '/home/runner/work/_temp/_runner_file_commands/set_env_74480088-bcff-421d-8885-0f1811ff02ae',
GITHUB_STEP_SUMMARY: '/home/runner/work/_temp/_runner_file_commands/step_summary_74480088-bcff-421d-8885-0f1811ff02ae',
GITHUB_STATE: '/home/runner/work/_temp/_runner_file_commands/save_state_74480088-bcff-421d-8885-0f1811ff02ae',
GITHUB_OUTPUT: '/home/runner/work/_temp/_runner_file_commands/set_output_74480088-bcff-421d-8885-0f1811ff02ae',
RUNNER_OS: 'Linux',
RUNNER_ARCH: 'X64',
RUNNER_NAME: 'GitHub Actions 2',
RUNNER_ENVIRONMENT: 'github-hosted',
RUNNER_TEMP: '/home/runner/work/_temp',
RUNNER_WORKSPACE: '/home/runner/work/issues',
ACTIONS_RUNTIME_URL: 'https://pipelines.actions.githubusercontent.com/E4zrDlLRy0hU9CBolV1vC16KRxQntOpc2KhNimtoQBA3PzxylI/',
ACTIONS_RUNTIME_TOKEN: '***',
ACTIONS_CACHE_URL: 'https://artifactcache.actions.githubusercontent.com/E4zrDlLRy0hU9CBolV1vC16KRxQntOpc2KhNimtoQBA3PzxylI/'
}
Until a few hours ago, the available versions were hardcoded in the action.
There are some advantages to hard coding:
- less chance on breakage due to api rate limiting
- reproducible builds: running a certain commit of setup-sdl, you know in advance what version will be picked. It does not depend on what date you run the workflow.
The only cost is a higher maintenance burden, but this can be mitigated by some scripting.
No, I mean, the ${{ github.token }}
magic I mentioned works and provides a valid token to use, the question is whether we can force this into the GH_TOKEN
environment variable before running the gh
command line tool, but only if GH_TOKEN isn't already set.
Or maybe just always force it by default and add a simple "don't force it, I already handled it" option instead.
(Or maybe just force it and see if anyone ever complains, which they likely won't.)
I think this can only be done by adding a github-token
input.
If, and only if, that input is set, we set the GITHUB_TOKEN
/GH_TOKEN
environment variable(s).
Then you need to do use with
instead of env
:
- name: Set up SDL
id: sdl
uses: libsdl-org/setup-sdl@main
with:
version: 2-latest
github-token: ${{ github.token }}
wdyt?
This is added in 2e6317a
Ah, okay, I think that'll do.
add default: ${{ github.token }}
in your inputs
Below this line
Line 34 in 2e6317a
It's how that action that does git clone works (checkout)
Yes, we can.
Looks like it is also used by actions/checkout
.
I didn't know this was possible.
It's used by actions/checkout
.
I'm also going to rename github-token
to token
.
Applied in a27f100.
Thanks @ericoporto !