Variables
AtomGit Action supports various types of variables used to pass configuration information and sensitive data in workflows.
4.1 Variable Types
env Variables (Custom Environment Variables)
Environment variables defined at the workflow, job, or step level using the env: keyword, which are directly injected as system environment variables into the Runner.
env:
GLOBAL_VAR: global_value # workflow level
jobs:
build:
env:
JOB_VAR: job_value # job level
steps:
- name: Step
env:
STEP_VAR: step_value # step level
run: echo "$GLOBAL_VAR $JOB_VAR $STEP_VAR"
In the
run:script, they can be used directly as system environment variables ($VAR_NAME), and in expressions, use${{ env.VAR_NAME }}.
vars Variables (Configuration Variables)
Non-sensitive configuration variables defined on the AtomGit platform settings page, managed at the organization/project level.
- Organization-level vars: Available for all projects under the organization
- Project-level vars: Available only for the current project
Access: ${{ vars.VAR_NAME }}
secrets Variables (Encrypted Secrets)
Sensitive encrypted data defined on the AtomGit platform settings page, managed at the organization/project level.
- Organization-level secrets: Available for all projects under the organization
- Project-level secrets: Available only for the current project
- Environment-level secrets: Bound to a specific deployment environment
Access: ${{ secrets.SECRET_NAME }}
Log Sanitization: All secret values are automatically replaced with
***in log outputs, preventing leakage through logs.
inputs Variables (Workflow Input Parameters)
Parameters defined in inputs: of workflow_dispatch or workflow_call.
Access: ${{ inputs.INPUT_NAME }}
inputs type specifications:
The inputs of AtomGit Action only support string type. All input values are strings.
| type | Value Type | Required Field | Optional Field | Description |
|---|---|---|---|---|
string | string | - | description, required, default | Any string |
4.2 Variable Priority
When variables with the same name are defined at different levels, the priority from highest to lowest is:
step > job > workflow
That is: step-level env > job-level env > workflow-level env.
For vars and secrets, project-level > organization-level (project-level variables with the same name override organization-level ones).
4.3 Full List of ATOMGIT_* System Variables
AtomGit Runner automatically injects the following system environment variables when running each workflow:
| System Variable | Description | Example Value |
|---|---|---|
ATOMGIT_TOKEN | Workflow authentication token (auto-generated, used for API calls) | ghs_xxxxx |
ATOMGIT_SHA | SHA of the triggering commit | a1b2c3d4e5f6... |
ATOMGIT_REF | Full name of the triggering reference | refs/heads/main |
ATOMGIT_REF_NAME | Short name of the triggering reference | main |
ATOMGIT_REF_TYPE | Reference type | branch / tag |
ATOMGIT_EVENT_NAME | Name of the triggering event | push |
ATOMGIT_EVENT_PATH | Path to the event payload JSON file | /home/runner/_temp/_atomgit_workflow/event.json |
ATOMGIT_WORKSPACE | Runner workspace path | /home/runner/workspace/repo |
ATOMGIT_ACTION | Current Action name | my-action |
ATOMGIT_REPOSITORY | Repository full name | owner/repo |
ATOMGIT_REPOSITORY_OWNER | Repository owner organization | myorg |
ATOMGIT_RUN_ID | Workflow run ID | 12345 |
ATOMGIT_RUN_NUMBER | Workflow run number | 42 |
ATOMGIT_RUN_ATTEMPT | Retry count | 1 |
ATOMGIT_WORKFLOW | Workflow name | CI Pipeline |
ATOMGIT_HEAD_REF | PR source branch (only for PR events) | feature/new-api |
ATOMGIT_BASE_REF | PR target branch (only for PR events) | main |
ATOMGIT_SERVER_URL | AtomGit platform root URL | https://atomgit.com |
ATOMGIT_API_URL | AtomGit API base URL | https://api.atomgit.com |
ATOMGIT_GRAPHQL_URL | AtomGit GraphQL API URL | https://api.atomgit.com/graphql |
ATOMGIT_OUTPUT | Path to the step output file | See workflow command reference |
ATOMGIT_ENV | Path to the step environment variable file | See workflow command reference |
ATOMGIT_PATH | Path to the step system PATH file | See workflow command reference |
ATOMGIT_STEP_SUMMARY | Path to the step summary file | See workflow command reference |
ATOMGIT_ACTIONS_ALLOW_UNSECURE_COMMANDS | Whether to allow insecure commands | false (default) |
ATOMGIT_ACTION_REPOSITORY | Action source repository | owner/action-repo |
ATOMGIT_ACTION_REF | Action source reference | v1 |
Note:
ATOMGIT_TOKENis valid only during the workflow run and becomes invalid after the run. Do not persist this token.