Environment variables created from secrets cannot be hyphenated

[gabriel-kohen-by]

This action both creates the secret values as output variables and environment variables.
Key-Vault Secret names can only have alphanumeric characters and dashes.
Per Posix rules environment variables can only have alphanumeric characters and underscores.
https://pubs.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap08.html
We need to make sure we create environment variable converted to snake case(underscore) rather than hyphens (kebob).
Please advise.

Thanks!

[lukaszzdanikowski]

@N-Usha is this PR going to be merged? It seems like it may break a lot of actions as from the github-script action we are able to access hyphenated env variables.

[pauska]

Any updates here? It's common to use hyphens for key vault secrets.

[kf6kjg]

It's not just common: Azure Key Vault explicitly bans the use of underscores in key names. On the flip side POSIX environments use underscores not hyphens.

Yes IMHO automatically converting between the two is a breaking change that should trigger a major version increment.

[github-actions]

This issue is idle because it has been open for 14 days with no activity.

[kanika1894]

Hey @gabriel-kohen-by,
Need some help in understanding the problem better.
It will be great if you please provide some scenario where the hyphen/underscore is causing a problem?

[kf6kjg]

As the OP posted using hyphens for environment variables is a mismatch with POSIX. It also causes problems, all of which have workarounds, when accessing the env var with some tools - such as NodeJS: process.env.ENV-NAME will fail to execute. Like I said there are workarounds: process.env["ENV-NAME"] but they are not preferred - especially in TypeScript.

Hence many of us utilize tools to convert the env vars after the fact. In my case I've been working on rolling my own private tool that works somewhat like get-keyvault-secrets that handles both this problem and some app-specific use-cases in one shot. Once that's done I'll probably elimate this from my workflows.

[github-actions]

This issue is idle because it has been open for 14 days with no activity.

[gabriel-kohen-by]

Hey @gabriel-kohen-by,
Need some help in understanding the problem better.
It will be great if you please provide some scenario where the hyphen/underscore is causing a problem?

See comment mentioned by others for a typical business scenario

[github-actions]

This issue is idle because it has been open for 14 days with no activity.

[darren-johnson]

We have this issue too. We use Key Vault for terraform secrets such as ARM_CLIENT_ID, but this can only be stored in the key vault as ARM-CLIENT-ID. When retrieving the secret, we can set an environment variable by adding a value to the step such as below:

env:
        ARM_CLIENT_ID: ${{ steps.get-terraform-secrets.outputs.ARM-CLIENT-ID }}

However, this then means the step has 2 environment variables presented to it, ARM_CLIENT_ID which we have set, and ARM-CLIENT-ID which comes from the Key Vault task.

This feels sub-optimal and can cause confusion. I hope that helps clear up the issue encountered.

[strickvl]

Also having this same problem. I'd really like to have underscores available to me to set the key names.