6/11/2023 0 Comments Github actions contexts![]() ![]() See this table to know what contexts are available and when. You do not have access to all contexts in all places. ![]() You can use contexts not only in the workflow yml files but also in the action.yml files. You can see how the default value is taken from the context. For more information, see "Permissions for the GITHUB_TOKEN."Īs far as we know that's only possible because the action can also get a secret from its action.yml configuration file.įor example, in the GitHub action, you can pass the token as an implicit input, but if you do not pass it, the actions will take it from the context and set it as a default value. As a good security practice, you should always make sure that actions only have the minimum access they require by limiting the permissions granted to the GITHUB_TOKEN. Important: An action can access the GITHUB_TOKEN through the github.token context even if the workflow does not explicitly pass the GITHUB_TOKEN to the action. Only for docker actions.Īccording to GitHub documentation, an action could have access to the GITHUB_TOKEN even if you do not explicitly pass the token in one of the previous ways. There are three ways to pass secrets to actions: The permissions of the GITHUB_TOKEN depend on your organization's default configuration for the token and the event that triggered the workflow. That context contains your secrets and a special secret called GITHUB_TOKEN, automatically added by GitHub. There is one special context called secrets context. Contexts are data structures where GitHub stores the information needed by workflows.
0 Comments
Leave a Reply. |