42

I'm trying to use an environment variable in an if condition in github actions like so:

name: Worfklow
on:
  push

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1

      - name: EXIT step
        if: $GITHUB_REF == 'specific-branch'
        run: exit 1

I want to exit if the current branch is equal to a specific branch.

Unfortunately, the github actions console displays an error:

Unexpected symbol: '$GITHUB_REF'

I can use $GITHUB_REF in a run: (where it contains the current branch), but not in an if:. What am I doing wrong?

Patrick
  • 1,728
  • 2
  • 17
  • 30

5 Answers5

50

Though the original problem had been solved without environment vars, I'd like to share how it can be used with if conditions.

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:

      - name: Set env BRANCH
        run: echo "BRANCH=$(echo $GITHUB_REF | cut -d'/' -f 3)" >> $GITHUB_ENV

      - name: Set env NEED
        run: |
          if [[ $BRANCH == 'master' && $GITHUB_EVENT_NAME == 'push' ]]; then
              echo "NEED=true" >> "$GITHUB_ENV"
          else
              echo "NEED=false" >> "$GITHUB_ENV"
          fi

      - name: Skip Deploy?
        if: env.NEED != 'true'
        run: echo "Only pushing to 'master' causes automatic deployment"

     ...

The first two steps set 2 env variables, the third step demonstrates what syntax you need to follow to use these vars in if conditions.

dhilt
  • 18,707
  • 8
  • 70
  • 85
  • 1
    This solution works for any environment variable needed on any step, which is more complete than other solutions. This is why I think it should be marked as the correct answer. – rogervila Nov 03 '21 at 16:49
  • 10
    This is the correct answer, but it could be clearer. The point being: Use `env.MYVAR` instead of `$MYVAR`. – Claudio Nov 20 '21 at 09:33
  • 1
    for more info on environment variables: https://docs.github.com/en/actions/learn-github-actions/environment-variables – Sandra May 06 '22 at 10:26
  • I needed to use secrets in if statements: `if: ${{ env.super_secret != '' }}` https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#example-using-secrets – Sandra May 06 '22 at 10:42
  • 1
    You can only use the env variables you set on the next step, not in the same step – JCompetence Sep 20 '22 at 19:01
18

do it like this:

if: github.ref == 'specific-branch'

reference branch conditional

DᴀʀᴛʜVᴀᴅᴇʀ
  • 7,681
  • 17
  • 73
  • 127
laserany
  • 1,257
  • 1
  • 8
  • 17
  • 1
    A word of warning: github.ref will store either the current branch or tag ref. This depends on the action that caused the workflow. Source: https://help.github.com/en/actions/automating-your-workflow-with-github-actions/contexts-and-expression-syntax-for-github-actions#contexts – Patrick Jan 27 '20 at 15:07
  • 16
    This does not answer the actual question asked though which is how to access an environmental variable from `if:`... how is this done if it's truly an environnmental variable and not something you can just go fetch from the magic `github` context? – Josh Goebel Nov 13 '20 at 21:08
4

If you want to check an environment variable on job-level (refer to Github context), you can do like this:

env:
  MY_VAR: Dummy

jobs:
  build:
    name: Build
    runs-on: ubuntu-latest         
    outputs:
      myVar: ${{ steps.init.outputs.myVar }}
    
    steps:        
      - name: Environment variables to output 
        id: init
        run: |
          echo "myVar=${{ env.MY_VAR }}" >> $GITHUB_OUTPUT

And use it in another job:

  second_job:
    name: Second Job
    needs: build
    if: needs.build.outputs.myVar == 'Dummy'
yellowsoar
  • 33
  • 3
Baked Inhalf
  • 3,375
  • 1
  • 31
  • 45
  • 1
    sad one can't use the env variable directly without all that overhead...in my case, I just wanted to pull a condition into an env var, but it's not worth it with that solution. – Marian Klühspies Dec 12 '22 at 12:42
  • @MarianKlühspies It's by design. Maybe GitHub changes it in the future.. :) – Baked Inhalf Dec 14 '22 at 14:10
  • This has worked for me, thanks @BakedInhalf There's further explanation in the docs: https://docs.github.com/en/actions/using-jobs/defining-outputs-for-jobs – Carme May 24 '23 at 11:23
0

As @Claudio noted, the solution is to use env.MYVAR. For reference, I am sharing an example from my own use case: the presence of GitHub secrets will trigger docker publishing.

name: docker-image

on:
  push:
    branches: [ "main" ]
    paths: ["Dockerfile",".github/workflows/docker-image.yaml"]
  workflow_dispatch:


jobs:
  build-and-publish:
    runs-on: ubuntu-latest
    # Docker tags and credentials for DockerHub/GitHub Containers, customize!
    env:
      IMAGE_NAME: plantuml-docker
      IMAGE_VERSION: latest
      DOCKER_USER: ${{ secrets.DOCKER_USER }}
      DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
      GITHUB_TOKEN: ${{ secrets.PAT }}
      GITHUB_USER: ${{ github.actor }}
    steps:
    - uses: actions/checkout@v3
    - name: Build and tag the image
      run: |
        docker build . \
        --tag $DOCKER_USER/$IMAGE_NAME:$IMAGE_VERSION \
        --tag ghcr.io/$GITHUB_USER/$IMAGE_NAME:$IMAGE_VERSION
    - name: Publish to DockerHub
      if: env.DOCKER_PASSWORD != ''
      run: |
        docker login -u $DOCKER_USER -p $DOCKER_PASSWORD
        docker push $DOCKER_USER/$IMAGE_NAME:$IMAGE_VERSION
    - name: Publish to GitHub Container registry
      if: env.GITHUB_TOKEN != ''
      run: |
        docker login ghcr.io -u $GITHUB_USER -p $GITHUB_TOKEN 
        docker push ghcr.io/$GITHUB_USER/$IMAGE_NAME:$IMAGE_VERSION
Maciej Skorski
  • 2,303
  • 6
  • 14
-5

You can use some restrictions on the push section of the action

on:
  push:
    branches:    
      - '*'         # matches every branch that doesn't contain a '/'
      - '*/*'       # matches every branch containing a single '/'
      - '**'        # matches every branch
      - '!master'   # excludes master

This answer was taken from this stack overflow question

matias
  • 71
  • 6