New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use environment variables as template variables #847
Comments
I would be afraid of potentially leaking secrets, I would have to test this. |
@jetersen # workflow.yml
...
steps:
- name: Release Drafter
uses: release-drafter/release-drafter@v5.15.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
MY_TOKEN: ${{ secrets.MY_PAT }} # .github/release-drafter.yml
name-template: "$MY_TOKEN"
template: |
## Changes
$CHANGES |
Would be a neat feature and useful in video-dev/hls.js#4025. How about having a new config option which is an allow list of env variables to expose? |
Started something here: #892 |
Actually I鈥檓 wondering what the security concerns are of just allowing any env var? The release is only updated from trusted branches, not prs, right? If someone updates the template and gets past pr review they could also just update the config so the draft pr I started might not be useful. |
Created actions/toolkit#976 to ask for a way that GitHub actions can mask secrets. |
+1 @jetersen Would it be possible to iterate over the secrets (like |
Maybe another good use case would be potential replacers? env:
HELLO: "Hello"
WORLD: "World"
INPUT_NAME: "${{ inputs.name }}"
with:
environment-replacers: "$HELLO,$WORLD,$GITHUB_SHA" as a way to register what variables should be replaced? For instance Reason for having a Would |
@jetersen I ike that idea with replacers. So basically this would be whitelisting env vars. Maybe just call it |
First of all, thanks for the great effort for making this project! 馃帺 I'm submitting this issue as a feature request. Not sure if there is already similar ones but I searched for
env
in this repo and didn't recognize other issues or PRs on this topic.I wanted to use variables that aren't in the scope of pre-defined template variables. An example of the configuration would be something like this:
I imagine it would be implemented at somewhere around this section of code, but I'm not familiar with how the
dist/index.js
is composed.https://github.com/release-drafter/release-drafter/blob/fe52e97d262833ae07d05efaf1a239df3f1b5cd4/dist/index.js#L1168-L1185
Edit:
Something like this might work? This will take environment variable as priority though, not sure if that's a concern.
In case the above code snippet isn't rendering, I'm referencing the following block in
dist/index.js
The text was updated successfully, but these errors were encountered: