跳到主要内容

Variables

AtomGit Action supports various types of variables used to pass configuration information and sensitive data in workflows.

4.1 Variable Types

env Variables (Custom Environment Variables)

Environment variables defined at the workflow, job, or step level using the env: keyword, which are directly injected as system environment variables into the Runner.

env:
GLOBAL_VAR: global_value # workflow level
jobs:
build:
env:
JOB_VAR: job_value # job level
steps:
- name: Step
env:
STEP_VAR: step_value # step level
run: echo "$GLOBAL_VAR $JOB_VAR $STEP_VAR"

In the run: script, they can be used directly as system environment variables ($VAR_NAME), and in expressions, use ${{ env.VAR_NAME }}.

vars Variables (Configuration Variables)

Non-sensitive configuration variables defined on the AtomGit platform settings page, managed at the organization/project level.

  • Organization-level vars: Available for all projects under the organization
  • Project-level vars: Available only for the current project

Access: ${{ vars.VAR_NAME }}

secrets Variables (Encrypted Secrets)

Sensitive encrypted data defined on the AtomGit platform settings page, managed at the organization/project level.

  • Organization-level secrets: Available for all projects under the organization
  • Project-level secrets: Available only for the current project
  • Environment-level secrets: Bound to a specific deployment environment

Access: ${{ secrets.SECRET_NAME }}

Log Sanitization: All secret values are automatically replaced with *** in log outputs, preventing leakage through logs.

inputs Variables (Workflow Input Parameters)

Parameters defined in inputs: of workflow_dispatch or workflow_call.

Access: ${{ inputs.INPUT_NAME }}

inputs type specifications:

The inputs of AtomGit Action only support string type. All input values are strings.

typeValue TypeRequired FieldOptional FieldDescription
stringstring-description, required, defaultAny string

4.2 Variable Priority

When variables with the same name are defined at different levels, the priority from highest to lowest is:

step > job > workflow

That is: step-level env > job-level env > workflow-level env.

For vars and secrets, project-level > organization-level (project-level variables with the same name override organization-level ones).

4.3 Full List of ATOMGIT_* System Variables

AtomGit Runner automatically injects the following system environment variables when running each workflow:

System VariableDescriptionExample Value
ATOMGIT_TOKENWorkflow authentication token (auto-generated, used for API calls)ghs_xxxxx
ATOMGIT_SHASHA of the triggering commita1b2c3d4e5f6...
ATOMGIT_REFFull name of the triggering referencerefs/heads/main
ATOMGIT_REF_NAMEShort name of the triggering referencemain
ATOMGIT_REF_TYPEReference typebranch / tag
ATOMGIT_EVENT_NAMEName of the triggering eventpush
ATOMGIT_EVENT_PATHPath to the event payload JSON file/home/runner/_temp/_atomgit_workflow/event.json
ATOMGIT_WORKSPACERunner workspace path/home/runner/workspace/repo
ATOMGIT_ACTIONCurrent Action namemy-action
ATOMGIT_REPOSITORYRepository full nameowner/repo
ATOMGIT_REPOSITORY_OWNERRepository owner organizationmyorg
ATOMGIT_RUN_IDWorkflow run ID12345
ATOMGIT_RUN_NUMBERWorkflow run number42
ATOMGIT_RUN_ATTEMPTRetry count1
ATOMGIT_WORKFLOWWorkflow nameCI Pipeline
ATOMGIT_HEAD_REFPR source branch (only for PR events)feature/new-api
ATOMGIT_BASE_REFPR target branch (only for PR events)main
ATOMGIT_SERVER_URLAtomGit platform root URLhttps://atomgit.com
ATOMGIT_API_URLAtomGit API base URLhttps://api.atomgit.com
ATOMGIT_GRAPHQL_URLAtomGit GraphQL API URLhttps://api.atomgit.com/graphql
ATOMGIT_OUTPUTPath to the step output fileSee workflow command reference
ATOMGIT_ENVPath to the step environment variable fileSee workflow command reference
ATOMGIT_PATHPath to the step system PATH fileSee workflow command reference
ATOMGIT_STEP_SUMMARYPath to the step summary fileSee workflow command reference
ATOMGIT_ACTIONS_ALLOW_UNSECURE_COMMANDSWhether to allow insecure commandsfalse (default)
ATOMGIT_ACTION_REPOSITORYAction source repositoryowner/action-repo
ATOMGIT_ACTION_REFAction source referencev1

Note: ATOMGIT_TOKEN is valid only during the workflow run and becomes invalid after the run. Do not persist this token.