githubgithub-actionsdevopsgithub-actions-self-hosted-runnersgithub-secret

Github Action Self-hosted machine Secrets not being passed to program


I have a Github action running on a self-hosted VM; I want to build and run a go executable in the workflow, and the program itself can run shell commands using Go's os.exec command.

I have tried to pass the secrets as env variables, but noticed that they are not being propagated to the Go program at all. Relevant part of YML file:

my_job:
    name: example
    runs-on: [self-hosted, mylabel]
    env:
      working-directory: src
      ACCESS_KEY: ${{ secrets.ACCESS_KEY }}
      SECRET_KEY: ${{ secrets.SECRET_KEY }}
    ...
    ... Run Go Program

When printing the env variable in the Go program, it returns nothing. This is only happening with self-hosted runners, Github runners have no issue. What could be causing this?


Solution

  • Found the answer to this; the Go binary was being run as sudo and the secrets were not set in sudo context. Running the go binary without sudo will allow us to access the secrets.