Ubuntu Question posted in
The official Ubuntu documentation can be found here.

Ubuntu – github rest api variables

I’m trying to access the github deloyment vriables using the github rest api.
but I’m unable to get the variables value inside the worlflow. It throws an error

{
  "message": "Resource not accessible by integration",
  "documentation_url": "https://docs.github.com/rest/actions/variables#get-an-environment-variable",
  "status": "403"
}

But when I’m trying to hit the same curl cmd in my local terminal with my personal access token, it works, It gives the expected result.

this is the main yaml file from where I’m calling the health.yml

name: CD

on:
  
  push:
    branches: [ "main" ]
 

  
  workflow_dispatch:


jobs:
  
  deploy:
     uses: ./.github/workflows/deploy.yml
  health-check:
    uses: ./.github/workflows/health.yml
    with: 
      DEPLOYMENT_TYPE: 'dev'
    secrets: inherit

  health-check-prod:
    uses: ./.github/workflows/health.yml
    with: 
      DEPLOYMENT_TYPE: 'prod'
    secrets: inherit

This is the health.yml file

name: health

on:
  workflow_call:
    inputs:
      DEPLOYMENT_TYPE:
        required: true
        type: string
jobs:
  health:
    runs-on: ubuntu-latest
    steps:
      - name: Test variables
        run: |
            curl -L 
            -H "Accept: application/vnd.github+json" 
            -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" 
            -H "X-GitHub-Api-Version: 2022-11-28" 
            https://api.github.com/repos/${{github.repository}}/environments/${{inputs.DEPLOYMENT_TYPE}}/variables/URL

Note: URL in the rest api endpoint is the variable name which I saved in deployment environment variables.

Tags:

2

Answers


  1. 0

    The fact that it works when you use a different access token and that it’s returning a 403 code, I assume secrets.GITHUB_TOKEN is set incorrectly, or doesn’t have the required permissions. Try issuing the command again but instead of using your personal token use the value of secrets.GITHUB_TOKEN. If it doesn’t work with a 403 again, then the token doesn’t have the required permissions. If it works, maybe the workflow is not retrieving the proper value of secrets.GITHUB_TOKEN.

    EDIT 1:
    Given it worked with your PAT in the workflow, it’s again pointing to secrets.GITHUB_TOKEN having the wrong permissions.

    EDIT 2:
    These links might help:
    https://docs.github.com/en/actions/security-guides/automatic-token-authentication
    https://docs.github.com/en/rest/authentication/permissions-required-for-github-apps?apiVersion=2022-11-28

    Login or Signup to reply.
  2. 0

    Try this:

    jobs:
  health:
    runs-on: ubuntu-latest
    environment: ${{ inputs.DEPLOYMENT_TYPE }}
    steps:
      - name: Test variables
        run: echo ${{ vars.URL }}
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search