I created a reusable workflow to run unit tests.
In the main workflow, I call this workflow and pass the secrets as arguments.
I also want to trigger this workflow manually sometimes from the GitHub web UI, so I added workflow_dispatch.
However, when I do that, I get the error: Error: Input required and not supplied: token. What do I need to do to get access to the secrets when triggering my workflow manually?
I’m confused because in my main workflow (which is triggered by workflow_dispatch), I don’t need to do anything special to access the secrets. So I don’t understand why this workflow doesn’t automatically get access to the secrets from the repo when triggered by workflow_dispatch, too:
name: unit-tests
on:
workflow_dispatch:
workflow_call:
secrets:
PAT_GITHUB:
required: true
jobs:
update-checker:
runs-on: ubuntu-latest
steps:
- name: "Check out this repo and submodules."
uses: actions/checkout@v3
with:
submodules: true
token: ${{ secrets.PAT_GITHUB }}
timeout-minutes: 3
When I call this workflow from another workflow and pass the secrets, it executes as expected.
But when I dispatch this workflow from the web UI (screenshot below), it fails:
Is it possible to use workflow_dispatch and workflow_call in the same workflow? If so, how do I access the secrets when using workflow_dispatch?
2
Answers
The issue was that I had renamed the secret by mistake in my reusable workflow.
So in the main workflow, I had a secret called
GITHUB_PAT, but my reusable workflow called itPAT_GITHUB. Since I passedGITHUB_PATtoPAT_GITHUBin the calling workflow, that worked, but the dispatch failed.So the rule here is that if you want to use secrets in a reusable workflow that can also be dispatched, you can't rename the secrets!
You have to pass your secrets from the caller.
Or you can use
secrets: inherit:See: