Store information in variables

Defining environment variables for a single workflow

To set a custom environment variable for a single workflow, you can define it using the env key in the workflow file. The scope of a custom variable set by this method is limited to the element in which it is defined. You can define variables that are scoped for:

The entire workflow, by using env at the top level of the workflow file.
The contents of a job within a workflow, by using jobs.<job_id>.env.
A specific step within a job, by using jobs.<job_id>.steps[*].env.

YAML

name: Greeting on variable day

on:
  workflow_dispatch

env:
  DAY_OF_WEEK: Monday

jobs:
  greeting_job:
    runs-on: ubuntu-latest
    env:
      Greeting: Hello
    steps:
      - name: "Say Hello Mona it's Monday"
        run: echo "$Greeting $First_Name. Today is $DAY_OF_WEEK!"
        env:
          First_Name: Mona

name: Greeting on variable day

on:
  workflow_dispatch

env:
  DAY_OF_WEEK: Monday

jobs:
  greeting_job:
    runs-on: ubuntu-latest
    env:
      Greeting: Hello
    steps:
      - name: "Say Hello Mona it's Monday"
        run: echo "$Greeting $First_Name. Today is $DAY_OF_WEEK!"
        env:
          First_Name: Mona

You can access env variable values using runner environment variables or using contexts. The example above shows three custom variables being used as runner environment variables in an echo command: $DAY_OF_WEEK, $Greeting, and $First_Name. The values for these variables are set, and scoped, at the workflow, job, and step level respectively. The interpolation of these variables happens on the runner.

The commands in the run steps of a workflow, or a referenced action, are processed by the shell you are using on the runner. The instructions in the other parts of a workflow are processed by GitHub Actions and are not sent to the runner. You can use either runner environment variables or contexts in run steps, but in the parts of a workflow that are not sent to the runner you must use contexts to access variable values. For more information, see Using contexts to access variable values.

Because runner environment variable interpolation is done after a workflow job is sent to a runner machine, you must use the appropriate syntax for the shell that's used on the runner. In this example, the workflow specifies ubuntu-latest. By default, Linux runners use the bash shell, so you must use the syntax $NAME. By default, Windows runners use PowerShell, so you would use the syntax $env:NAME. For more information about shells, see Workflow syntax for GitHub Actions.

Defining configuration variables for multiple workflows

You can create configuration variables for use across multiple workflows, and can define them at either the organization, repository, or environment level.

For example, you can use configuration variables to set default values for parameters passed to build tools at an organization level, but then allow repository owners to override these parameters on a case-by-case basis.

When you define configuration variables, they are automatically available in the vars context. For more information, see Using the vars context to access configuration variable values.

Creating configuration variables for a repository

GitHub 上で個人用アカウントリポジトリのシークレットまたは変数を作成するユーザーは、リポジトリのオーナーである必要があります。 GitHub 上で組織用リポジトリのシークレットまたは変数を作成するユーザーは、admin アクセス権を持っている必要があります。最後に、個人用アカウントリポジトリまたは組織用リポジトリのシークレットまたは変数を REST API 経由で作成するユーザーには、コラボレーターアクセス権が必要です。

GitHub で、リポジトリのメインページに移動します。
リポジトリ名の下にある [設定] をクリックします。 [設定] タブが表示されない場合は、 [] ドロップダウンメニューを選び、 [設定] をクリックします。
サイドバーの [セキュリティ] セクションで、 [ シークレットと変数] を選択し、次に [アクション] をクリックします。
[変数] タブをクリックします。
Click New repository variable.
[名前] フィールドに、変数の名前を入力します。
[値] フィールドに、変数の値を入力します。
Click Add variable.

Creating configuration variables for an environment

個人用アカウントのリポジトリ内の環境でシークレットか変数を作成するユーザーは、そのリポジトリのオーナーである必要があります。組織用リポジトリ内の環境用にシークレットか変数を作成するユーザーには、admin のアクセス権が必要です。環境の詳細については、「Managing environments for deployment」を参照してください。

GitHub で、リポジトリのメインページに移動します。
リポジトリ名の下にある [設定] をクリックします。 [設定] タブが表示されない場合は、 [] ドロップダウンメニューを選び、 [設定] をクリックします。
左側のサイドバーで、 [環境] をクリックします。
Click on the environment that you want to add a variable to.
Under Environment variables, click Add variable.
[名前] フィールドに、変数の名前を入力します。
[値] フィールドに、変数の値を入力します。
Click Add variable.

Creating configuration variables for an organization

Organization でシークレットまたは変数を作成する場合、ポリシーを使用して、リポジトリによるアクセスを制限できます。たとえば、すべてのリポジトリにアクセスを許可したり、プライベートリポジトリまたは指定したリポジトリのリストのみにアクセスを制限したりできます。

Organization のオーナーと、"Organization のアクション変数を管理" または "Organization のアクションシークレットを管理" のアクセス許可を持つユーザーは、Organization レベルでシークレットまたは変数を作成できます。

詳細については、「カスタム組織の役割の情報」を参照してください。

GitHub で、organization のメインページに移動します。
組織名の下で、 [設定] をクリックします。 [設定] タブが表示されない場合は、 [] ドロップダウンメニューを選び、 [設定] をクリックします。
サイドバーの [セキュリティ] セクションで、 [ シークレットと変数] を選択し、次に [アクション] をクリックします。
[変数] タブをクリックします。

メモ

アクセス許可によっては、[Actions secrets and variables] ページにシークレットと変数のタブが個別に表示されない場合があります。 "Organization のアクション変数を管理" と "Organization のアクションシークレットを管理" アクセス許可の両方を持つ Organization の所有者とユーザーには、[変数] と [シークレット] タブが表示されます。詳しくは、「カスタム組織の役割の情報」をご覧ください。
Click New organization variable.
[名前] フィールドに、変数の名前を入力します。
[値] フィールドに、変数の値を入力します。
From the Repository access dropdown list, choose an access policy.
Click Add variable.

Using contexts to access variable values

コンテキストは、ワークフローの実行、変数、ランナーの環境、ジョブ、ステップに関する情報にアクセスする方法です。 For more information, see Contexts reference. There are many other contexts that you can use for a variety of purposes in your workflows. For details of where you can use specific contexts within a workflow, see Contexts reference.

You can access environment variable values using the env context and configuration variable values using the vars context.

Using the `env` context to access environment variable values

In addition to runner environment variables, GitHub Actions allows you to set and read env key values using contexts. Environment variables and contexts are intended for use at different points in the workflow.

The run steps in a workflow, or in a referenced action, are processed by a runner. As a result, you can use runner environment variables here, using the appropriate syntax for the shell you are using on the runner - for example, $NAME for the bash shell on a Linux runner, or $env:NAME for PowerShell on a Windows runner. In most cases you can also use contexts, with the syntax ${{ CONTEXT.PROPERTY }}, to access the same value. The difference is that the context will be interpolated and replaced by a string before the job is sent to a runner.

However, you cannot use runner environment variables in parts of a workflow that are processed by GitHub Actions and are not sent to the runner. Instead, you must use contexts. For example, an if conditional, which determines whether a job or step is sent to the runner, is always processed by GitHub Actions. You must therefore use a context in an if conditional statement to access the value of an variable.

YAML

name: Conditional env variable

on: workflow_dispatch

env:
  DAY_OF_WEEK: Monday

jobs:
  greeting_job:
    runs-on: ubuntu-latest
    env:
      Greeting: Hello
    steps:
      - name: "Say Hello Mona it's Monday"
        if: ${{ env.DAY_OF_WEEK == 'Monday' }}
        run: echo "$Greeting $First_Name. Today is $DAY_OF_WEEK!"
        env:
          First_Name: Mona

name: Conditional env variable

on: workflow_dispatch

env:
  DAY_OF_WEEK: Monday

jobs:
  greeting_job:
    runs-on: ubuntu-latest
    env:
      Greeting: Hello
    steps:
      - name: "Say Hello Mona it's Monday"
        if: ${{ env.DAY_OF_WEEK == 'Monday' }}
        run: echo "$Greeting $First_Name. Today is $DAY_OF_WEEK!"
        env:
          First_Name: Mona

In this modification of the earlier example, we've introduced an if conditional. The workflow step is now only run if DAY_OF_WEEK is set to "Monday". We access this value from the if conditional statement by using the env context. The env context is not required for the variables referenced within the run command. They are referenced as runner environment variables and are interpolated after the job is received by the runner. We could, however, have chosen to interpolate those variables before sending the job to the runner, by using contexts. The resulting output would be the same.

run: echo "${{ env.Greeting }} ${{ env.First_Name }}. Today is ${{ env.DAY_OF_WEEK }}!"

メモ

Contexts are usually denoted using the dollar sign and curly braces, as ${{ context.property }}. In an if conditional, the ${{ and }} are optional, but if you use them they must enclose the entire comparison statement, as shown above.

警告

ワークフローとアクションを作成するときは、攻撃者によってコードが信頼されていない入力を実行する可能性があるかどうかを常に考慮する必要があります。攻撃者が悪意あるコンテンツを挿入してくるかもしれないので、特定のコンテキストは信頼できない入力として扱うべきです。詳しくは、「Secure use reference」をご覧ください。

Using the `vars` context to access configuration variable values

Configuration variables can be accessed across the workflow using vars context. For more information, see Contexts reference.

構成変数が設定されていない場合、変数を参照するコンテキストの戻り値は空の文字列になります。

次の例は、ワークフロー全体で vars コンテキストと共に構成変数を使用する方法を示しています。次の各構成変数は、リポジトリ、Organization、または環境レベルで定義されています。

YAML

on:
  workflow_dispatch:
env:
  # Setting an environment variable with the value of a configuration variable
  env_var: ${{ vars.ENV_CONTEXT_VAR }}

jobs:
  display-variables:
    name: ${{ vars.JOB_NAME }}
    # You can use configuration variables with the `vars` context for dynamic jobs
    if: ${{ vars.USE_VARIABLES == 'true' }}
    runs-on: ${{ vars.RUNNER }}
    environment: ${{ vars.ENVIRONMENT_STAGE }}
    steps:
    - name: Use variables
      run: |
        echo "repository variable : $REPOSITORY_VAR"
        echo "organization variable : $ORGANIZATION_VAR"
        echo "overridden variable : $OVERRIDE_VAR"
        echo "variable from shell environment : $env_var"
      env:
        REPOSITORY_VAR: ${{ vars.REPOSITORY_VAR }}
        ORGANIZATION_VAR: ${{ vars.ORGANIZATION_VAR }}
        OVERRIDE_VAR: ${{ vars.OVERRIDE_VAR }}
        
    - name: ${{ vars.HELLO_WORLD_STEP }}
      if: ${{ vars.HELLO_WORLD_ENABLED == 'true' }}
      uses: actions/hello-world-javascript-action@main
      with:
        who-to-greet: ${{ vars.GREET_NAME }}

on:
  workflow_dispatch:
env:
  # Setting an environment variable with the value of a configuration variable
  env_var: ${{ vars.ENV_CONTEXT_VAR }}

jobs:
  display-variables:
    name: ${{ vars.JOB_NAME }}
    # You can use configuration variables with the `vars` context for dynamic jobs
    if: ${{ vars.USE_VARIABLES == 'true' }}
    runs-on: ${{ vars.RUNNER }}
    environment: ${{ vars.ENVIRONMENT_STAGE }}
    steps:
    - name: Use variables
      run: |
        echo "repository variable : $REPOSITORY_VAR"
        echo "organization variable : $ORGANIZATION_VAR"
        echo "overridden variable : $OVERRIDE_VAR"
        echo "variable from shell environment : $env_var"
      env:
        REPOSITORY_VAR: ${{ vars.REPOSITORY_VAR }}
        ORGANIZATION_VAR: ${{ vars.ORGANIZATION_VAR }}
        OVERRIDE_VAR: ${{ vars.OVERRIDE_VAR }}
        
    - name: ${{ vars.HELLO_WORLD_STEP }}
      if: ${{ vars.HELLO_WORLD_ENABLED == 'true' }}
      uses: actions/hello-world-javascript-action@main
      with:
        who-to-greet: ${{ vars.GREET_NAME }}

Detecting the operating system

You can write a single workflow file that can be used for different operating systems by using the RUNNER_OS default environment variable and the corresponding context property ${{ runner.os }}. For example, the following workflow could be run successfully if you changed the operating system from macos-latest to windows-latest without having to alter the syntax of the environment variables, which differs depending on the shell being used by the runner.

YAML

on: workflow_dispatch

jobs:
  if-Windows-else:
    runs-on: macos-latest
    steps:
      - name: condition 1
        if: runner.os == 'Windows'
        run: echo "The operating system on the runner is $env:RUNNER_OS."
      - name: condition 2
        if: runner.os != 'Windows'
        run: echo "The operating system on the runner is not Windows, it's $RUNNER_OS."

on: workflow_dispatch

jobs:
  if-Windows-else:
    runs-on: macos-latest
    steps:
      - name: condition 1
        if: runner.os == 'Windows'
        run: echo "The operating system on the runner is $env:RUNNER_OS."
      - name: condition 2
        if: runner.os != 'Windows'
        run: echo "The operating system on the runner is not Windows, it's $RUNNER_OS."

In this example, the two if statements check the os property of the runner context to determine the operating system of the runner. if conditionals are processed by GitHub Actions, and only steps where the check resolves as true are sent to the runner. Here one of the checks will always be true and the other false, so only one of these steps is sent to the runner. Once the job is sent to the runner, the step is executed and the environment variable in the echo command is interpolated using the appropriate syntax ($env:NAME for PowerShell on Windows, and $NAME for bash and sh on Linux and macOS). In this example, the statement runs-on: macos-latest means that the second step will be run.

Passing values between steps and jobs in a workflow

If you generate a value in one step of a job, you can use the value in subsequent steps of the same job by assigning the value to an existing or new environment variable and then writing this to the GITHUB_ENV environment file. The environment file can be used directly by an action, or from a shell command in the workflow file by using the run keyword. For more information, see Workflow commands for GitHub Actions.

If you want to pass a value from a step in one job in a workflow to a step in another job in the workflow, you can define the value as a job output. You can then reference this job output from a step in another job. For more information, see Workflow syntax for GitHub Actions.

Next steps

For reference information, see Variables reference.

Store information in variables

この記事の内容