10

Can I trigger a new workflow from another workflow?

I'm trying to run a workflow after the first workflow has pushed a new release and it seems to ignore it.

bArmageddon

4 Answers

11

As described here, you can trigger another workflow using the workflow_run event.

For example, we could think of two workflow definitions like this (the only prerequisite is that both reside in the same repository, but I am sure there's also an event for other repos as well):

release.yml

name: CI release

on: [push]

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v2

    - name: Release artifact
      run: ...

do-something-different.yml

name: Do anything after the release of the first workflow

on:
  workflow_run:
    workflows: ["CI release"]
    types:
      - completed

jobs:
  notify:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v2

      - name: Do something
        run: ...

A crucial point here is that the name: CI release definition of the first yaml file must exactly match the workflow_run: workflows: ["CI release"] definition in the second yaml file. Another point is that this approach needs to be done on the default branch (which is mostly main or master) as the docs state:

Note: This event will only trigger a workflow run if the workflow file is on the default branch.

Jonathan Hall
jonashackt
  • 7
    Sadly I think `workflow_run` is pretty much useless in most situations: 1. It runs on the default branch, which is problematic sometimes. 2. When triggered from a pull_request workflow, it loses the pull_request context and "just runs" and is unaware of the PR – Niton Nov 09 '21 at 19:29
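
A hardened variant of the downstream workflow from the answer above, as an added example that is not part of the original answer or its comments. Because `types: [completed]` fires whether the upstream run succeeded or failed, the job is gated on the run's conclusion and origin, and the default token is limited to read access. The `branches` filter and the branch name `main` are assumptions.

```yaml
name: Do anything after the release of the first workflow

on:
  workflow_run:
    workflows: ["CI release"]   # must match the upstream workflow's `name:` exactly
    types:
      - completed               # fires on success, failure and cancellation alike
    branches:
      - main                    # assumption: releases are cut from `main`

# Least privilege for the default GITHUB_TOKEN in this run.
permissions:
  contents: read

jobs:
  notify:
    runs-on: ubuntu-latest
    # Run only when the upstream run succeeded and was started by a push to
    # this repository, not by a pull_request run from a fork.
    if: >-
      github.event.workflow_run.conclusion == 'success' &&
      github.event.workflow_run.event == 'push' &&
      github.event.workflow_run.head_repository.full_name == github.repository

    steps:
      # workflow_run checks out the default branch by default; pin to the
      # commit the upstream run built so both workflows see the same code.
      - uses: actions/checkout@v2
        with:
          ref: ${{ github.event.workflow_run.head_sha }}

      - name: Show what triggered this run
        env:
          # Pass event data through env rather than interpolating it into the script.
          UPSTREAM_BRANCH: ${{ github.event.workflow_run.head_branch }}
          UPSTREAM_SHA: ${{ github.event.workflow_run.head_sha }}
        run: |
          echo "Upstream run finished on branch: $UPSTREAM_BRANCH"
          echo "Commit: $UPSTREAM_SHA"
```
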
8

Found the answer here:

An action in a workflow run can't trigger a new workflow run. For example, if an action pushes code using the repository's GITHUB_TOKEN, a new workflow will not run even when the repository contains a workflow configured to run when push events occur.

EDIT: The quote above might be confusing. When I add a Personal Access Token (PAT) to the checkout action with repo permissions granted (and not repository's GITHUB_TOKEN), the following commands DO trigger other workflows:

        - name: Checkout Repo
          uses: actions/checkout@v2
          with:
              token: ${{ secrets.PAT_TOKEN }}

(In my case, running semantic-release after this checkout, which creates a new release with a new tag, did trigger another workflow that runs only if a tag was created.)

bArmageddon
  • 2
    The `GITHUB_TOKEN` that the documentation mentions is the default token scoped to just that repository. What you are using is not *the* `GITHUB_TOKEN`, it's a Personal Access Token (PAT), which has much wider scope. It is intentional that PATs allow further workflows to trigger, while the `GITHUB_TOKEN` does not. – peterevans Feb 27 '20 at 08:50
  • Thanks @peterevans! Yes, I used the PAT. I'll fix to 'Personal Access Token (PAT)' – bArmageddon Feb 27 '20 at 09:37
  • 1
    I have that same scenario and use PAT tokens, but my tags workflow will not run. – secondman Jan 11 '22 at 13:50
  • @peterevans to your knowledge, is it possible to reduce the PAT scope so that further workflows are not triggered from one workflow? – n1nsa1d00 Feb 22 '23 at 09:20
  • @n1nsa1d00 I'm not aware of that being possible. It's not configurable with a scope. If you don't want further workflows triggered then just use the default `GITHUB_TOKEN`. – peterevans Feb 24 '23 at 02:11
4

If you don't want to use a general Personal Access Token (which has access to all of your repos), you can generate a dedicated SSH keypair for this purpose and add it to the repository as a Deploy Key. This is done as follows:

  1. Generate an SSH keypair:

    ssh-keygen -N "" -f deploy_key -C "github-actions"
    
  2. Add the private key (generated file deploy_key) as an encrypted secret, e.g. COMMIT_KEY, to the GitHub project.

  3. Add the public key (generated file deploy_key.pub) as a deploy key with write access to the GitHub project. Tick the Allow write access checkbox.

  4. When checking out the source code in your workflow, add the SSH key:

    - name: Checkout
      uses: actions/checkout@v3
      with:
        ssh-key: "${{secrets.COMMIT_KEY}}"
    

Subsequent push actions in the same workflow will then trigger any configured GitHub workflow as if they were pushed manually.

carlfriedrich
0

My case:

Frontend branch (1st workflow), backend branch (2nd workflow).

I wanted to trigger the 2nd workflow from the 1st workflow (here I was pushing some files to the backend branch).

Initially I used the GitHub token to achieve this, but found it will not work as it doesn't have privileges.

I used a PAT or deploy token to achieve this.

If using a PAT token, then in workflow 1:

- uses: actions/checkout@v2
  with:
    persist-credentials: false

...... .....

..

- name: Push changes
  uses: ad-m/github-push-action@master
  with:
    github_token: ${{ secrets.GITHUB_TOKEN }}
    branch: ${{ github.ref }}

If using Deploy (first create SSH keys):

- uses: actions/checkout@v3
  with:
    ssh-key: ${{ secrets.SSH_PRIVATE_KEY }}
    persist-credentials: true

..... .. .....

- name: Push changes
  uses: ad-m/github-push-action@master
  with:
    ssh: true
    branch: ${{ github.ref }}

For more, see the reference here.

Ansh