Remove the need for custom environment variables in GitHub actions #742

Closed
3 tasks
agateau-gg opened this issue Sep 11, 2023 · 2 comments
Labels
status:confirmed This issue has been reviewed and confirmed type:feature Feature request

Comments

@agateau-gg
Collaborator

Remove the need for custom environment variables in GitHub actions

Context

Our GitHub actions currently rely on the following environment variables:

  • GITHUB_BASE_REF
  • GITHUB_DEFAULT_BRANCH
  • GITHUB_EVENT_NAME
  • GITHUB_PUSH_BASE_SHA
  • GITHUB_PUSH_BEFORE_SHA
  • GITHUB_SHA

Their names are a bit deceiving though: not all of them are defined in the GitHub CI environment. GITHUB_DEFAULT_BRANCH, GITHUB_PUSH_BASE_SHA and GITHUB_PUSH_BEFORE_SHA are not. These 3 variables must be defined by all users of our actions using the env: key, like this:

name: GitGuardian scan

on: [push, pull_request]

jobs:
  scanning:
    name: GitGuardian scan
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
        with:
          fetch-depth: 0 # fetch all history so multiple commits can be scanned
      - name: GitGuardian scan
        uses: GitGuardian/[email protected]
        env:
          GITHUB_PUSH_BEFORE_SHA: ${{ github.event.before }}
          GITHUB_PUSH_BASE_SHA: ${{ github.event.base }}
          GITHUB_DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
          GITGUARDIAN_API_KEY: ${{ secrets.GITGUARDIAN_API_KEY }}

Goal

The goal of this issue is to remove the need for these 3 variables. The variables initialize themselves from the GitHub event object. This object is serialized as a .json file whose path is in GITHUB_EVENT_PATH. This means we can read it and initialize our variables from it.

Definition of Done

  • Our GitHub action code no longer requires our users to define GITHUB_PUSH_BEFORE_SHA, GITHUB_PUSH_BASE_SHA or GITHUB_DEFAULT_BRANCH;
  • For consistency, it would be good to read all variables from the .json file;
  • The action documentation has been updated accordingly. Note: this documentation update must only be published after the changes have been released!
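
The approach described under Goal, as an added example that is not part of the original issue or of the project's code: read the event file named by GITHUB_EVENT_PATH and derive the three values, keeping an explicitly set environment variable as an override. The function names and the override order are assumptions; the `before`, `base` and `repository.default_branch` keys mirror the `github.event.*` expressions in the workflow above, and SHA values are accepted only when they are full hex commit ids.

```python
import json
import os
import re
from typing import Mapping, Optional

SHA_RE = re.compile(r"[0-9a-f]{40}")
EMPTY_SHA = "0" * 40  # sent as "before" when a push creates a branch


def _sha(value: object) -> Optional[str]:
    """Return value only if it is a full hex commit SHA (and not all zeros)."""
    if isinstance(value, str) and SHA_RE.fullmatch(value) and value != EMPTY_SHA:
        return value
    return None


def _read_event(path: Optional[str]) -> dict:
    """Load the event payload; a missing or malformed file yields {}."""
    if not path:
        return {}
    try:
        with open(path, encoding="utf-8") as fp:
            event = json.load(fp)
    except (OSError, ValueError):
        return {}
    return event if isinstance(event, dict) else {}


def load_event_vars(environ: Mapping[str, str] = os.environ) -> dict:
    """Hypothetical helper: env value if set and valid, else the event file."""
    event = _read_event(environ.get("GITHUB_EVENT_PATH"))
    repo = event.get("repository")
    branch = repo.get("default_branch") if isinstance(repo, dict) else None
    return {
        "GITHUB_PUSH_BEFORE_SHA": _sha(environ.get("GITHUB_PUSH_BEFORE_SHA"))
        or _sha(event.get("before")),
        "GITHUB_PUSH_BASE_SHA": _sha(environ.get("GITHUB_PUSH_BASE_SHA"))
        or _sha(event.get("base")),
        "GITHUB_DEFAULT_BRANCH": environ.get("GITHUB_DEFAULT_BRANCH")
        or (branch if isinstance(branch, str) else None),
    }


if __name__ == "__main__":
    # Inside a workflow run this prints the values derived from the real event.
    print(load_event_vars())
```
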
@agateau-gg added the type:feature, status:new and status:confirmed labels and removed the status:new label on Sep 11, 2023
@GG-HH
Collaborator

GG-HH commented Sep 21, 2023

This seems related to #687 (eventually, one being a subset of the other), should we merge those?

@agateau-gg
Collaborator Author

Oh right, I missed #687 🤦🏻. Going to close this one and add the Definition of Done to 687.

@agateau-gg closed this as not planned on Sep 22, 2023