Use the GitHub Actions Drone plugin
GitHub Actions are a GitHub feature that enable you to automate various event-driven activities in GitHub, such as cloning a repository, generating Docker images, and testing scripts.
Harness CI supports launching GitHub Actions as part of a pipeline stage using the generic Plugin step or the GitHub Action plugin steps.
This topic describes how to use the GitHub Actions Drone plugin in a Plugin step to run GitHub Actions. When your pipeline runs, the Github Actions Drone Plugin runs the GitHub Action in the background using nektos/act.
For information about the specialized GitHub Action plugin step, go to Use the GitHub Action plugin step.
These steps assume you have a CI pipeline with a Build stage that is connected to your codebase and has defined build infrastructure.
If you've never created a CI pipeline before, get started with the fastest CI on the planet or try the Kubernetes cluster build infrastructure tutorial. If you're new to Harness CI, you might want to review Harness CI concepts and CI pipeline concepts.
Add Build stage and connect codebase
Make sure you have a CI pipeline with a Build stage that is connected to your codebase.
To add a Build stage to an existing pipeline:
- Go to the pipeline you want to edit.
- In the Pipeline Studio, select Add Stage, and then select Build.
- Enter a Stage Name, enable Clone Codebase, and then select Set Up Stage.
To check codebase configuration for existing pipelines, select Codebase while viewing the pipeline in the Pipeline Studio. For more information about codebase configuration, go to Create and Configure a Codebase.
Define build infrastructure
- In the Pipeline Studio, select the Build stage, and then select the Infrastructure tab.
- Define the build farm for the codebase. For more information, go to Set up build infrastructure.
For more information about stage configuration, go to CI Build stage settings.
You can use expressions or Runtime Inputs for Platform settings.
Add the Plugin step
In your pipeline's Build stage, and a Plugin step.
Enter a Name and optional Description.
For Container Registry, select a container registry connector that has DockerHub access.
In the Image field, enter the name of the GitHub Actions Drone Plugin image:
Expand the Optional Configuration, and select Privileged.
The GitHub Actions Drone Plugin uses nektos/act to run GitHub Actions in Harness CI. It requires DinD (Docker-in-Docker) to run your images. Hence, the Privileged attribute needs to be enabled to run with escalated permissions.
Define variables and attributes
Use Settings to specify the Github Action you want to use and to pass variables and attributes required by the Action and the Drone Plugin. You must specify
with. You can use
env to specify environment variables, such as GitHub tokens to access private Action repos.
|Key||Description||Value format||Value example|
|Required. Specify the Action's repo, along with a branch or tag.|
|Required. Provide a map of key-value pairs representing settings required by the GitHub Action itself.|
|Optional. Specify a map of environment variables to pass to the Action.|
You can use variable expressions for these values, such as
credentials: <+stage.variables.[TOKEN_SECRET]>, which uses a stage variable.
- Visual editor example
- YAML example
connectorRef: dockerhub # Your Docker connector ID
uses: google-github-actions/upload-cloud-storage@main # The GitHub Action you want to use
with: # Action settings
For more examples of GitHub Actions in Plugin steps, go to the GitHub Actions Support in Harness CI blog post.
Private Action repos
If you want to use an Action composite that is located in a private repository, you must add a
GITHUB_TOKEN environment variable to the
env settings. You need a GitHub personal access token that has pull permissions to the target repository. Additional permissions may be necessary depending on the Action's purpose.
If you have multiple environment variables, add the
GITHUB_TOKEN variable to the existing
You can use a variable expressions, such as
<+secrets.getValue("[SECRET_NAME]")> to call a token stored as a Harness Secret.
Here's an example of the YAML for a
Plugin step using a private Action repo:
name: private action
Test your pipeline
- Select Apply Changes to save the step settings, and then select Save to save the pipeline.
- Select Run to test the pipeline.
You can observe the GitHub Action in the build's logs.
Pipeline YAML example
The following YAML example includes a
Plugin step that uses the Google
upload-cloud-storage GitHub Action. The comments indicate values you must modify to use this code in your own Harness account.
name: gcp-upload-github-action # Configure your Pipeline name
identifier: gcpuploadgithubaction # Configure your Pipeline identifier
projectIdentifier: Demo_CI_pipelines # Configure your Project identifier
orgIdentifier: default # Configure your Organization
identifier: gcp_upload_success_gha # Configure your Stage identifier
name: stage 1
- name: GCP_SECRET_KEY_BASE64 # Configure your Secret Key Name
value: gcpbase64secret # Configure your Secret Key Value
identifier: gcsuploader # Configure your step identifier name
name: step one # Configure your step name
settings: # Configure your plugins Settings configuration
infrastructure: # Configure your Infrastructure Settings
codebase: # Configure your Codebase