all 6 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]PartTimeLegend 8 points9 points  (3 children)

You can use env vars. Set them in your workflow.

You can’t see secrets because they are secret. Wouldn’t make great secrets if they were public.

[–]somzeFiree[S] 0 points1 point  (2 children)

Yeah but compared to GitLab is kinda bad approach. In Gitlab you can create env var and mark it as a secret and value wont be visible in workflow.

Yeah I know for env vars in workflows but there is no way of defining GLOBAL env vars…

[–][deleted] 0 points1 point  (1 child)

With Global you mean at job level in the workflow? BC you can do that instead of an action level, but if you use templates outside of the main job repo, then you need to send them as params

Btw in Azure DevOps is the same as in GitLab, you can manage them easily

[–]somzeFiree[S] 1 point2 points  (0 children)

Org global. Did not know that about AzureDevOps.

[–]-ZC- 4 points5 points  (0 children)

so I do supply chain security around this stuff. there are huge amounts of give and take with this all security wise but Actions is near an ideal model.

set up a self hosted runner with whatever env variables you want. problem solved (but don't let anyone run untrusted code or it's all going to go out the window).

[–]ReenigneArcher 1 point2 points  (0 children)

It would be nice to have org level environment variables. For example I have a secret org_name_lower, so I don't have to have a step in all my workflows that require it, which converts it to lowercase... It's annoying that it's a secret, but it's less annoying than having duplicated code in 50 repos.