GitHub Actions workflows env and secrets All In One
GitHub Actions workflows env and secrets All In One
$GITHUB_ENV&secrets
环境变量 和 密钥
Secrets and variables allow you to manage reusable configuration data.
Secrets are encrypted and are used for sensitive data.
Variables are shown as plain text and are used for non-sensitive data.
Anyone with collaborator access to this repository can use these secrets and variables for actions.
They are not passed to workflows that are triggered by a pull request from a fork.
GITHUB_ENV environment file
- 变量提供了一种存储和重用
非敏感配置信息的方法 - 你可以设置自己的
自定义变量或使用 GitHub 自动设置的默认环境变量。
# 把变量和值 `>>` 追加到 GITHUB_ENV 环境变量文件中
echo "{environment_variable_name}={value}" >> "$GITHUB_ENV"
steps:
- name: Set the value
id: step_one
run: |
echo "action_state=yellow" >> "$GITHUB_ENV"
- name: Use the value
id: step_two
run: |
printf '%s\n' "$action_state" # This will output 'yellow'
env vs github.env
# ✅
${{ env.VARIABLE_NAME }}
# ✅ namespcae ❓
${{github.env.VARIABLE_NAME}}}
https://docs.github.com/en/actions/learn-github-actions/contexts#env-context
secrets in GitHub Actions
警告:默认情况下,变量在构建输出中呈现未屏蔽的状态。
如果你需要更高的安全性来保护敏感信息(例如密码),请改用机密。
steps:
- name: Hello world action
with: # Set the secret as an input
super_secret: ${{ secrets.SuperSecret }}
env: # Or as an environment variable
super_secret: ${{ secrets.SuperSecret }}
https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions
demos
# This is a basic workflow to help you get started with Actions
name: Tesla_Crawler
# Controls when the action will run.
on:
# Triggers the workflow on push events but only for the main branch
push:
branches: [ main ]
schedule:
- cron: '00 08 * * *'
# https://crontab.guru/#00_08_*_*_*
# Runs at 08:00 on everyday
# 分、时、日、月、周
# https://www.cnblogs.com/xgqfrms/p/15384401.html
# - cron: '00 08,20 * * *'
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
# hello-job:
# # The type of runner that the job will run on
# runs-on: ubuntu-latest
# # Steps represent a sequence of tasks that will be executed as part of the job
# steps:
# # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
# - uses: actions/checkout@v2
# # Runs a single command using the runners shell
# - name: Run a one-line script
# run: echo Hello, world!
# crawler job
tesla-job:
permissions:
# Give the default GITHUB_TOKEN write permission to commit and push the
# added or changed files to the repository.
contents: write
runs-on: ubuntu-latest
steps:
- name: 'Checkout codes'
uses: actions/checkout@v3
# 自定义 env, 并且 >> 追加到 GITHUB_ENV file 中 ✅
# https://www.cnblogs.com/xgqfrms/p/17685587.html
# 自定义 env, $GITHUB_ENV => ${{env.REPORT_DATE}} ✅
# 自定义 env, $GITHUB_ENV => ${{github.env.REPORT_DATE}} ✅
- name: 'set Date'
run: echo "REPORT_DATE=$(TZ=':Asia/Shanghai' date '+%Y-%m-%d %T')" >> $GITHUB_ENV
- name: 'print Date'
run: echo ${{env.REPORT_DATE}}
# vscode warning: Context access might be invalid: REPORT_DATE
# https://docs.github.com/en/actions/learn-github-actions/contexts#github-context
- name: 'Get Date'
run: echo ${{github.env.REPORT_DATE}}
# vscode not warning
- name: 'install package'
run: npm i
- name: 'begin'
run: echo "crawling ...✅"
- name: '自动爬取'
run: node ./auto-update.js
- name: 'end'
run: echo "finshed 🎉"
# Commit all changed files back to the repository
- uses: stefanzweifel/git-auto-commit-action@v4
with:
commit_message: update tesla data
# ...
steps:
- name: 'Checkout codes'
uses: actions/checkout@v3
# 自定义 env, 并且 >> 追加到 GITHUB_ENV file 中 ✅
# https://www.cnblogs.com/xgqfrms/p/17685587.html
# 自定义 env, $GITHUB_ENV => ${{env.REPORT_DATE}} ✅
# 自定义 env, $GITHUB_ENV => ${{github.env.REPORT_DATE}} ✅
- name: 'set Date'
run: echo "REPORT_DATE=$(TZ=':Asia/Shanghai' date '+%Y-%m-%d %T')" >> $GITHUB_ENV
- name: 'print Date'
run: echo ${{env.REPORT_DATE}}
# vscode warning: Context access might be invalid: REPORT_DATE
# https://docs.github.com/en/actions/learn-github-actions/contexts#github-context
- name: 'Get Date'
run: echo ${{github.env.REPORT_DATE}}
# vscode not warning
# 自定义 multi envs
# $GITHUB_ENV => ${{github.env.AUTHOR}} ✅ $GITHUB_ENV => ${{github.env.WEBSITE}} ✅
- name: '自定义多个 env 变量'
run: |
echo "AUTHOR=xgqfrms" >> $GITHUB_ENV
echo "WEBSITE=https://www.xgqfrms.xyz" >> $GITHUB_ENV
- name: '打印多个 env 变量'
run: |
echo "AUTHOR=${{env.AUTHOR}} ✅"
echo "WEBSITE=${{env.WEBSITE}} 🎉"
# Unexpected symbol: '$GITHUB_ENV'. Located at position 1 within expression: $GITHUB_ENV
# Available expression contexts: github, inputs, vars, needs, strategy, matrix, secrets, steps, job, runner, env
# Available expression functions: hashFiles
# ...
export & set & unset
exportan system wide environment variablesetshow all environment variable ❓ config outputunsetdelete an exported environment variable
$ export GITHUB_ENV_var=1
$ echo $GITHUB_ENV_var
1
# set 不可以设置环境变量 ❌ 错误用法
$ set GITHUB_ENV_var=2
$ echo $GITHUB_ENV_var
1
$ set | grep "GITHUB_ENV_var"
'*'=( 'GITHUB_ENV_var=2' )
@=( 'GITHUB_ENV_var=2' )
GITHUB_ENV_var=1
argv=( 'GITHUB_ENV_var=2' )
$ unset GITHUB_ENV_var
$ set | grep "GITHUB_ENV_var"
'*'=( 'GITHUB_ENV_var=2' )
@=( 'GITHUB_ENV_var=2' )
argv=( 'GITHUB_ENV_var=2' )
$ echo $GITHUB_ENV_var
https://stackoverflow.com/questions/6877727/how-do-i-delete-an-exported-environment-variable
set & unset
set [ {+|-}options | {+|-}o [ option_name ] ] ... [ {+|-}A [ name ] ]
[ arg ... ]
Set the options for the shell and/or set the positional
parameters, or declare and set an array. If the -s option is
given, it causes the specified arguments to be sorted before
assigning them to the positional parameters (or to the array
name if -A is used). With +s sort arguments in descending
order. For the meaning of the other flags, see zshoptions(1).
Flags may be specified by name using the -o option. If no option
name is supplied with -o, the current option states are printed:
see the description of setopt below for more information on the
format. With +o they are printed in a form that can be used as
input to the shell.
If the -A flag is specified, name is set to an array containing
the given args; if no name is specified, all arrays are printed
together with their values.
If +A is used and name is an array, the given arguments will
replace the initial elements of that array; if no name is
specified, all arrays are printed without their values.
The behaviour of arguments after -A name or +A name depends on
whether the option KSH_ARRAYS is set. If it is not set, all
arguments following name are treated as values for the array,
regardless of their form. If the option is set, normal option
processing continues at that point; only regular arguments are
treated as values for the array. This means that
set -A array -x -- foo
sets array to `-x -- foo' if KSH_ARRAYS is not set, but sets the
array to foo and turns on the option `-x' if it is set.
If the -A flag is not present, but there are arguments beyond
the options, the positional parameters are set. If the option
list (if any) is terminated by `--', and there are no further
arguments, the positional parameters will be unset.
If no arguments and no `--' are given, then the names and values
of all parameters are printed on the standard output. If the
only argument is `+', the names of all parameters are printed.
For historical reasons, `set -' is treated as `set +xv' and `set
- args' as `set +xv -- args' when in any other emulation mode
than zsh's native mode.
$ man zshbuiltins
# $ man zshbuiltins | grep set
# Unknown locale, assuming C
$ locale
LANG=""
LC_COLLATE="C"
LC_CTYPE="UTF-8"
LC_MESSAGES="C"
LC_MONETARY="C"
LC_NUMERIC="C"
LC_TIME="C"
LC_ALL=
# fix
$ export LANG="en_US.UTF-8"
$ locale
LANG="en_US.UTF-8"
LC_COLLATE="en_US.UTF-8"
LC_CTYPE="UTF-8"
LC_MESSAGES="en_US.UTF-8"
LC_MONETARY="en_US.UTF-8"
LC_NUMERIC="en_US.UTF-8"
LC_TIME="en_US.UTF-8"
LC_ALL=
https://pubs.opengroup.org/onlinepubs/007904875/utilities/set.html
unset [ -fmv ] name ...
Each named parameter is unset. Local parameters remain local
even if unset; they appear unset within scope, but the previous
value will still reappear when the scope ends.
Individual elements of associative array parameters may be unset
by using subscript syntax on name, which should be quoted (or
the entire command prefixed with noglob) to protect the
subscript from filename generation.
If the -m flag is specified the arguments are taken as patterns
(should be quoted) and all parameters with matching names are
unset. Note that this cannot be used when unsetting associative
array elements, as the subscript will be treated as part of the
pattern.
The -v flag specifies that name refers to parameters. This is
the default behaviour.
unset -f is equivalent to unfunction.
https://pubs.opengroup.org/onlinepubs/007904875/utilities/unset.html
refs
https://docs.github.com/en/actions/learn-github-actions/variables#about-environment-variables
https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions
https://github.com/web-full-stack/cyclic-express-server/settings/secrets/actions
https://github.com/web-full-stack/cyclic-express-server/settings/variables/actions
https://github.com/web-full-stack/cyclic-express-server/issues/6
©xgqfrms 2012-2025
www.cnblogs.com/xgqfrms 发布文章使用:只允许注册用户才可以访问!
原创文章,版权所有©️xgqfrms, 禁止转载 🈲️,侵权必究⚠️!
本文首发于博客园,作者:xgqfrms,原文链接:https://www.cnblogs.com/xgqfrms/p/17685587.html
未经授权禁止转载,违者必究!
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· DeepSeek 开源周回顾「GitHub 热点速览」
· 记一次.NET内存居高不下排查解决与启示
· 物流快递公司核心技术能力-地址解析分单基础技术分享
· .NET 10首个预览版发布:重大改进与新特性概览!
· .NET10 - 预览版1新功能体验(一)
2022-09-07 使用 macOS 输入多个空格,会自动添加一个点 bug All In One
2022-09-07 API 调试工具 All In One
2022-09-07 macOS get DNS config All In One
2022-09-07 如何使用 cloudflare 快速搭建个人域名邮箱 All In One
2022-09-07 WebAssembly JS API All In One
2021-09-07 Google 面试题 All In One
2020-09-07 Interview Questions All In One