Open mbeckh opened 1 year ago
as a side note, I cannot find any context in which github.job_workflow_sha
acutally works. ex: from the caller workflow
name: pr
on:
pull_request:
branches: [main]
env:
WORKFLOW_REF_ROOT_ENV: ${{ github.job_workflow_sha }}
jobs:
pullrequest:
uses: ./.github/workflows/pullrequest.yml
secrets: inherit
with:
workflow-ref: ${{ github.job_workflow_sha }}
results in blank inputs and missing ${{ env.WORKFLOW_REF_ROOT_ENV }}
Inputs
workflow-ref:
I checked documentation source code, seems this property is subject of some condition (contrary to other ones):
{%- ifversion actions-oidc-custom-claims %}
| `github.job_workflow_sha` | `string` | {% data reusables.actions.job-workflow-sha-description %} |
{%- endif %}
Can I kindly ask authors of this commit about a little more context about what this condition is about? How I can enable it?
cc: @jc-clark @lucascosti
Hi @kkurczewski, I don't work at GitHub anymore, so I'll let @jc-clark answer your question. π (π Hi Joe π)
There is still no solution for this, is it?
Still hitting this: https://github.com/pdxjohnny/scitt-api-emulator/actions/runs/6178211970/job/16771062928#step:9:17
##[debug]Evaluating: github.job_workflow_sha
##[debug]Evaluating Index:
##[debug]..Evaluating github:
##[debug]..=> Object
##[debug]..Evaluating String:
##[debug]..=> 'job_workflow_sha'
##[debug]=> null
##[debug]Result: null
Operating System
Ubuntu
22.04.3
LTS
Runner Image
Image: ubuntu-22.04
Version: 20230911.1.0
Included Software: https://github.com/actions/runner-images/blob/ubuntu22/20230911.1/images/linux/Ubuntu2204-Readme.md
Image Release: https://github.com/actions/runner-images/releases/tag/ubuntu22%2F20230911.1
Apologies this is a documentation bug and job_workflow_sha
is only supported as an OIDC claim. A PR to correct the documentation is in progress.
I would recommend the community feedback discussions as a place to request any missing product feature. Good to focus on the scenario, since would not only help prioritize but also may help determine a different solution.
I found a workaround by requesting the token and extracting the claim. However, this only works on jobs which run within the repoβs context, not pull requests for example.
Working solution here using this action ~ dariocurr/checkout-called https://github.com/actions/toolkit/issues/1264#issuecomment-2333996536
Describe the bug The property
github.job_workflow_sha
is not set in a job using a reusable workflow. Documentation at https://docs.github.com/en/actions/learn-github-actions/contexts#github-context states that "For jobs using a reusable workflow, the commit SHA for the reusable workflow file.".To Reproduce
.github/workflows/test.yml
:.github/workflows/reuse.yml
:The context github is printed, but there is no key job_workflow_sha. The output of ${{github.job_workflow_sha}} is empty.
The behavior is the same whether reuse.yml is in the same repository as test.yml or in a different repository.
Expected behavior There is a key job_workflowsha matching the commit SHA of the reusable workflow file as displayed in the job log under "Set up job" as "Uses: <owner>/<repository>/.github/workflows/reuse.yml@refs/heads/<branchname> (<SHA>_)".
Runner Version and Platform
Runner version: 2.301.1 Platform: Ubuntu 22.04.1 LTS Runner Image: ubuntu-22.04 20230129.2
What's not working?
The property job_workflow_sha is not available in the context github of the reusable workflow although the documentation states it should be there.