On Wed, Aug 30, 2023 at 10:07:35AM +0200, Johannes Schindelin wrote: > > My gut feeling is that we should be able to do something with env > > variables [...] > > Environment variables need an environment, i.e. a running build agent. > That's why they aren't available in our use case, but only inside a step > (which is too late for our purposes). Yeah, sorry I was a bit loose with my language. I meant "variables set from the GitHub UI that are often used as env variables". :) > > [...] it seems that the "vars" context (but not "secrets") is available > > to "jobs.*.if". I'm not sure if I missed before, or if that's a new > > feature since the last time I checked. > > I had missed that, too. It was announced here: > https://github.blog/2023-01-10-introducing-required-workflows-and-configuration-variables-to-github-actions/#configuration-variables > (I must have glanced over that post when I saw it because it talked about > required workflows, which are currently irrelevant to my interests). Yeah, I found that, too (after sending my email). So it looks like this is a good, supported path for going forward. I have a working patch that can replace the ci/config/allow-ref script. We can't totally ditch the "config" job with it, as there are other things it does, but it's possible those can be migrated, too. IMHO the allow-ref one is the _most_ important, though, because it addresses the case of "everything should be skipped". Taking that from spinning up one VM per ref to zero is very good. I'll post that patch later today. > FWIW I was unable to deduce any authoritative information as to where the > `secrets` context can be accessed from > https://docs.github.com/en/actions/learn-github-actions/contexts#secrets-context, > but I must assume that access to that context is highly restricted and > probably cannot be used outside the `steps:` attribute, explaining why a > job-level (and in my previous tests, even step-level) `if:` condition > cannot access them. I found the "vars" context through this table: https://docs.github.com/en/actions/learn-github-actions/contexts#context-availability which does show where "secrets" is available. -Peff