jahed.dev

Triggering GitHub Actions from Commits by Other Actions

It's been well over a year now since I started using GitHub Actions for most of my maintenance automations. There were a few hiccups in the early days with caching and uptime but nowadays it's pretty stable.

One behaviour that hasn't been resolved, however, is how actions are triggered. Essentially, if you have an action triggered on push, it won't trigger if the push was performed by another action. This is clearly to avoid infinite loops of actions triggering each other, but for my use case, it was needed.

One of my projects, node-terraform, has a scheduled action that checks if a new version of Terraform has been released. If it has, it updates the repo with some file hashes and bumps the version. This is done in one commit which, once pushed, should then trigger a release action. That of course doesn't happen, so I've had to manually trigger a release, which in the long run was a nuisance.

I could do this entire flow in a single action, but I prefer actions as individual workers made for specific tasks. The job of the scheduled action is to update the version, nothing more. There is also the question of the decision to couple versioning with Terraform's releases, but that's a different topic; in short, any redesign is pointless as tfenv exists.

Right now I have a problem that needs automation. How do I trick GitHub into letting my action trigger another action?

The identity is clearly tied to the push, so it must have something to do with Git. Checking the actions/checkout action, I noticed it lets you use a token or an ssh-key to override the default action-specific token.

First I tried token. I created a "Personal Access Token" for the automation account and dropped it in. It didn't work. Next I tried ssh-key. I generated an SSH key, added the public key to "Deploy keys" under the repository's Settings and dropped in the private key. It worked! That was easier than expected.
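A sketch of what the scheduled workflow can look like with the deploy key in place. This is an added example, not the actual node-terraform workflow: the file name, the DEPLOY_KEY secret name, the cron schedule, the update script path and the committer identity are all assumptions.

```yaml
# .github/workflows/update-version.yml (hypothetical file name)
name: update-version

on:
  schedule:
    - cron: "0 6 * * *"        # constructed schedule: once a day

# The push goes over SSH with the deploy key, so the built-in
# GITHUB_TOKEN only needs read access.
permissions:
  contents: read

jobs:
  update:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # Private half of a deploy key that has write access to this
          # repository only. DEPLOY_KEY is an assumed secret name; the
          # public half is listed under Settings > Deploy keys.
          ssh-key: ${{ secrets.DEPLOY_KEY }}

      - name: Check for a new Terraform release
        run: ./scripts/update-version.sh   # hypothetical script

      - name: Commit and push
        run: |
          # Constructed committer identity for the automation commit.
          git config user.name "automation"
          git config user.email "automation@example.invalid"
          # Nothing changed in tracked files: no new release, stop here.
          if git diff --quiet; then
            echo "No new version"
            exit 0
          fi
          git commit -am "Bump Terraform version"
          # checkout set the remote up for SSH with the deploy key, so this
          # push is not attributed to GITHUB_TOKEN and the release
          # workflow's "on: push" trigger fires.
          git push
```

A deploy key is scoped to one repository, so a leaked key exposes less than an account-wide token would. The loop protection no longer applies to pushes made with it, so any push-triggered workflow that itself pushes with this key needs its own stop condition.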

Thanks for reading.