这是indexloc提供的服务,不要输入任何密码
Skip to content

feat: add GitHub Actions environment variable as default passthru #10740

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

feat: add GitHub Actions environment variable as default passthru #10740

wants to merge 2 commits into from
+3 −0

Conversation

@louis-bompart
Copy link

@louis-bompart louis-bompart commented Aug 6, 2025
edited
Loading

Description

Allowing those variables to pass through by default would make using turborepo with GitHub Actions more seamless.

For example, NPM relies on GITHUB_ACTIONS for automatic provenance detection. (see https://github.com/npm/cli/blob/5d82d0b4a4bd1424031fb68b4df740c1bbe5b172/lib/utils/oidc.js#L11) By obfuscating the variable, it can be pretty confusing for users of both turborepo and npm as to why the provenance generation stopped working (don't ask me how I know).

Testing Instructions

(I'll be honest, I did not test it, but essentially follow the footstep of #9235, just with some GitHub sprinkles on top.)

@louis-bompart
feat: add GitHub Actions environment variable as default passthru
7499b6b 
Allowing those variables to pass through by default would make using turborepo with GitHub Actions more seamless.

For example, NPM relies on `GITHUB_ACTIONS` for automatic provenance detection. (see https://github.com/npm/cli/blob/5d82d0b4a4bd1424031fb68b4df740c1bbe5b172/lib/utils/oidc.js#L11)
By obfuscating the variable, it can be pretty confusing for users of both turborepo and npm as to why the provenance generation stopped working (don't ask me how I know).
@louis-bompart louis-bompart requested a review from a team as a code owner August 6, 2025 20:06
@vercel
Copy link
Contributor

vercel bot commented Aug 6, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
examples-basic-web Ready Ready Preview Comment Sep 29, 2025 11:06pm
examples-designsystem-docs Ready Ready Preview Comment Sep 29, 2025 11:06pm
examples-tailwind-web Ready Ready Preview Comment Sep 29, 2025 11:06pm
examples-vite-web Ready Ready Preview Comment Sep 29, 2025 11:06pm

@vercel
Copy link
Contributor

vercel bot commented Aug 6, 2025

@louis-bompart is attempting to deploy a commit to the Vercel Team on Vercel.

A member of the Team first needs to authorize it.

@louis-bompart
Copy link
Author

louis-bompart commented Aug 6, 2025

A bit more esoteric but related to the same initial problem (npm publish with provenance fails if executed through turborepo), I think it might be good to add ACTIONS_ID_TOKEN_REQUEST_TOKEN and ACTIONS_ID_TOKEN_REQUEST_URL to the passthru which is used for OIDC (and by extension npm publishing w/ provenance) with GitHub Actions:
https://docs.github.com/en/actions/reference/security/oidc

@louis-bompart louis-bompart mentioned this pull request Aug 6, 2025
Merged
github-merge-queue bot pushed a commit to coveo/ui-kit that referenced this pull request Aug 6, 2025
@louis-bompart
chore: ensure github-actions detection by npm can work (#5842)
31ee873 
https://coveord.atlassian.net/browse/KIT-4720
and + some for Quantic, just playin' safe.

Fix-it-twice maybe in vercel/turborepo#10740
github-merge-queue bot pushed a commit to coveo/ui-kit that referenced this pull request Aug 6, 2025
@louis-bompart
chore: ensure github-actions detection by npm can work (#5842)
3e2f515 
https://coveord.atlassian.net/browse/KIT-4720
and + some for Quantic, just playin' safe.

Fix-it-twice maybe in vercel/turborepo#10740
github-merge-queue bot pushed a commit to coveo/ui-kit that referenced this pull request Aug 7, 2025
@louis-bompart
chore: ensure github-actions detection by npm can work (#5842)
ef6806c 
https://coveord.atlassian.net/browse/KIT-4720
and + some for Quantic, just playin' safe.

Fix-it-twice maybe in vercel/turborepo#10740
anthonyshew
anthonyshew approved these changes Sep 29, 2025
View reviewed changes
Copy link
Contributor

@anthonyshew anthonyshew left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you. 👍

@charpeni
Copy link
Contributor

charpeni commented Nov 13, 2025

@anthonyshew: That would be amazing if we could get this merged. I believe this is a blocker for adoption, or at least, a friction, as most nice CI features aren't working by default when using Turborepo because the GITHUB_ACTIONS environment variable isn't exposed. E.g., GitHub Annotations from test runners.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@anthonyshew anthonyshew anthonyshew approved these changes

@tknickman tknickman Awaiting requested review from tknickman tknickman is a code owner automatically assigned from vercel/turbo-oss

@chris-olszewski chris-olszewski Awaiting requested review from chris-olszewski chris-olszewski is a code owner automatically assigned from vercel/turbo-oss

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@louis-bompart @charpeni @anthonyshew