-
Notifications
You must be signed in to change notification settings - Fork 73
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
7a28187
commit 8191055
Showing
2 changed files
with
55 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| # Working with Environment Variables in GitHub Actions | ||
|
|
||
| GitHub Actions allows you to work with environment variables to customize and parameterize your workflows. Environment variables are key-value pairs that can store secrets, configuration settings, or other data. This README provides examples of how to use environment variables effectively in GitHub Actions and outlines best practices for managing them securely. | ||
|
|
||
| ## Using Environment Variables | ||
|
|
||
| You can use environment variables in GitHub Actions workflows to: | ||
|
|
||
| - Store secrets securely. | ||
| - Define parameters or configuration settings. | ||
| - Share information between workflow steps or jobs. | ||
|
|
||
| Here are some common use cases and examples of working with environment variables: | ||
|
|
||
| ### Example 1: Define Workflow Parameters | ||
|
|
||
| Environment variables can be used to define parameters or configuration settings for your workflow. This makes it easy to customize workflow behavior: | ||
|
|
||
| ```yaml | ||
| jobs: | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| env: | ||
| APP_ENV: ${{ vars.APP_ENV || "dev" }} | ||
| DEBUG: ${{ vars.DEBUG || "false" }} | ||
| steps: | ||
| - name: Run Workflow with Parameters | ||
| run: | | ||
| # Use environment variables to control workflow behavior | ||
| if [[ "$APP_ENV" == "production" && "$DEBUG" == "false" ]]; then | ||
| echo "Running in production mode." | ||
| else | ||
| echo "Running in a different mode or with debugging enabled." | ||
| fi | ||
| ``` | ||
| ## Best Practices for Using Environment Variables | ||
| When working with environment variables in GitHub Actions, consider the following best practices: | ||
| **Avoid Hardcoding Secrets:** Do not hardcode secrets directly in your workflow files. Store secrets securely as encrypted secrets in your repository settings and reference them using the secrets context. | ||
| **Use Descriptive Names:** Choose descriptive and meaningful names for your environment variables to make your workflows more readable and maintainable. | ||
| **Keep Secrets Secret:** Ensure that sensitive information, such as API keys or passwords, is stored and accessed securely. Avoid printing secrets in logs or exposing them unintentionally. | ||
| **Scope Variables Appropriately:** Use environment variables with appropriate scope (workflow-level, job-level) based on your workflow's requirements. Keep in mind that job-level environment variables are accessible only within the specific job. | ||
| **Document Your Variables:** Include comments or documentation in your workflow files to explain the purpose and usage of environment variables, making it easier for collaborators to understand and contribute to your workflows. | ||
| **Review Access Permissions:** Ensure that only authorized users have access to view or edit secrets and environment variables in your repository settings. | ||