vscode-github-actions: "Context access might be invalid" warning thrown for repository variables and secrets

Expected behavior Secrets/vars should not throw a “Context access might be invalid” warning.

I actually like this warning. Because our YAML file has no access to production environment variables when we’re editing it, it’s a nice reminder to double-check our variable names.

I was receiving this error after installing the extension. Simply running the “Developer: Reload Window” command fixed it for me without needing to reinstall. So far it hasn’t seemed to return yet, at least for repo secrets.

Expected behavior Secrets/vars should not throw a “Context access might be invalid” warning.

I actually like this warning. Because our YAML file has no access to production environment variables when we’re editing it, it’s a nice reminder to double-check our variable names.

That’s one way of looking at it. I would say a more realistic view is that it will condition you to ignore the warnings which causes the opposite effect of what you described.

Also seeing this issue still with the latest release.

Previous issues #47 #61 and #67 stated the issue would be fixed with the next release, but issue continues to persist into release v0.25.8 and the change log seems to make no mention of a fix being deployed.

Here are my steps to resolve the warningContext access might be invalid: TOKEN:

1. Install the GitHub Actions extension in VS Code.
2. Open the GitHub Actions tab and ensure that you are logged in and have fetched the action info for your Git repository.
3. In the SETTINGS section, verify the presence of the variables you have set under “Environments” and “Secrets”.
4. If the warning persists, try running “Refresh current branch” from the Command Palette. Alternatively, you can restart VS Code.

Hello everyone,

After signin in the Github Actions extensions, I alos had to tick the “Use-enterprise” option in the Github Action extension settings. Repo belongs to an organization account. Hope this will help someone.

This was fixed for me by opening the GitHub actions side panel, making sure its logged in, refreshing, then opening the Secrets dropdown. Then after that, I ran the vscode command > Developer: Reload Window.

Now it is working fine.

This still happens with all dynamically generated environment variables and is pretty annoying

I uninstalled, reinstalled and restarted VSCode and then the warnings went away. v0.25.8

This worked for me.

Here are my steps to resolve the warningContext access might be invalid: TOKEN:

1. Install the GitHub Actions extension in VS Code.
2. Open the GitHub Actions tab and ensure that you are logged in and have fetched the action info for your Git repository.
3. In the SETTINGS section, verify the presence of the variables you have set under “Environments” and “Secrets”.
4. If the warning persists, try running “Refresh current branch” from the Command Palette. Alternatively, you can restart VS Code.

This comment above in combination with running “Developer: Reload window” worked for me.

👋 Reporting in, still happening on v0.26.1.

There should at least be a way of ignoring this specific error if this is the case.

Agreed, there should at least be a # github-actions-extension ignore comment one can use.

Unfortunately, even if the GitHub Actions extension is successfully logged in and Environments/Secrets/Variables are visible in the sidebar, I’m still having the issue. The lint warnings still appear if the variable is defined in a previous step via >> $GITHUB_ENV, such as in this example: (I’m using version 0.26.2 if it matters)

Thanks @iuritorres for writing this up! I was able to resolve this in my repo using some of the information here. Adding environment kept giving me errors, but by adding

env:
  MY_VAR:

to the job in my workflow file, I was able to get the plugin to stop flagging uses of env.MY_VAR. Not sure if this is a hack, but it worked for me

edit: clarity

I had this error on secrets. Turns out I wasn’t properly signed in on github inside Vscode. Signing in and reloading fixed the issue.

How does one “sign in to GitHub inside VS Code”?

And I’d argue this is a bug regardless; if you’re not signed in, then it should just assume all variables are fine, not spam you with spurious warnings.

This seems to only happen when environment property is dynamic.

Just wanted to confirm that the issue continues to persist in 0.25.8 (and it’s feeling really annoying)

I was receiving this error after installing the extension. Simply running the “Developer: Reload Window” command fixed it for me without needing to reinstall. So far it hasn’t seemed to return yet, at least for repo secrets.

I tried this but it came back 😦

V0.26.2 - as long as you are logged in and have given access to the extension, make sure you execute Developer: Reload Window (or restart VSCode). I also had this issue until performing both these steps. Hope that helps someone.

I had this error on secrets. Turns out I wasn’t properly signed in on github inside Vscode. Signing in and reloading fixed the issue.

Still persists kind of embarrassing for GH

Unfortunately, even if the GitHub Actions extension is successfully logged in and Environments/Secrets/Variables are visible in the sidebar, I’m still having the issue. The lint warnings still appear if the variable is defined in a previous step via >> $GITHUB_ENV, such as in this example: (I’m using version 0.26.2 if it matters)

I have exactly the same issue as yours. Quite annoying. (version 0.26.2)

I have found a solution that works at least for me. SECRET squiggles and ENVIRONMENT squiggles have had different causes (in my case at least).

1. In order to get rid of SECRET warning squiggles I had to properly login and then reload the screen (that was resolved easy, thanks to comments before). Secrets are defined in same repo, where this workflow .yaml file is located.
2. To remove warning squiggles from ENVIRONMENT variables, I had to add env: statement with definition of each Environment variable I was about to use in particular Step. Example:

This Step definition causes warning squiggles to appear under env.TAG_VERSION (BAD):

- name: Build x86 Image
        uses: docker/build-push-action@v3
        with:
          context: .
          file: DockerfileAMD
          platforms: linux/amd64
          tags: username/image_name:${{ env.TAG_VERSION }} 

How this warning looks like in IDE:

Now, this Step definition REMOVES warning squiggles under env.TAG_VERSION (GOOD):

- name: Build x86 Image
        uses: docker/build-push-action@v3
        env:
          TAG_VERSION: ${{ env.TAG_VERSION }} 
        with:
          context: .
          file: DockerfileAMD
          platforms: linux/amd64
          tags: username/image_name:${{ env.TAG_VERSION }} 

How this looks like now:

How my Environment variables are defined (in previous prior to Build x86 Image Step ):

echo "TAG_VERSION=12345" >> $GITHUB_ENV

There is no other place in whole repository where I would somehow mention to use this Environment variable; the mentioned definitions were enough for me.

Although my workflow was working well even without adding this env: property, adding it have resolved my issue with warning squiggles.

Hey guys, i think some of you are forgetting to set the environment before setting environment variables…

With the Github Actions VSCode Extension (i really recommend to use this if you intend to keep using GitHub Actions), in the “GitHub Actions” tab in left sidebar menu, (ensure that you’re already logged in with your GitHub account), you can see which environment you env-variable is:

In my case, TEST(Environment) > TESTEE (Variable)

With that in mind, you have to set you environment in your job before calling the enviroments variables, just like this:

run-program:
  runs-on: ubuntu-latest
  needs: build
  
  environment: TEST # set environment
  env:              # and then... call your variables
    TESTEE: ${{ vars.TESTEE }}

  steps:
    - name: Check out repository code
      uses: actions/checkout@v4

    - name: Run main file
      run: python app/main.py

I hope this can help you, have a nice day! 😄

However, this will cause VSCode to color this folder yellow, override source control’s color. I can’t tell if any project is committed or not as all my project folders are alway marked yellow. I might forget to commit changes for that reason.

I get this warning for any environment variable exported in a previous step via echo "foo=bar" >>$GITHUB_ENV

v0.26.1

Yep, its a bug. Moved to triage. No ETA on a fix, if someone makes a PR to fix, I’m happy to review it.

Would be great if this could work without requiring github login. I would be completely fine with it assuming the required secrets exist when it doesn’t know otherwise.

also seeing this constantly in v0.25.8 with env variables, but not secrets

For me I had to log into Github in the GithubActions plugin, and Developer: Reload Window and then it worked.

I’m seeing this on ${{ env.STORE_PATH }}

Same here. Restarting VS Code after install and login fixed the issue for me!

ah, i see this is an actual issue. i was going mad with this. Let´s hope it´s fixed soon.

Relogging into Actions and reloading window fixed the warning for me too!

You need to understand how this works. it fetches variables name from your GitHub account if you have created a variable there it will not give any warning.

- Context access might be invalid: PHPSESSID
- Contains the names and values of secrets that are available to a workflow run. For more information

Giving a Warning due to PHPSESSID is not in my Github secrets.

If the warning persists even after adding the variable in GitHub, consider reloading VS Code.

How should this work for callable workflows? The plugin obviously can’t know if necessary secrets/vars are in place in the repository which invokes my callable workflow.

There should definitely be a enable/disable for this feature.

In case someone else has the same problem, I used the remote name origin for my personal fork and upstream for the org fork (which has the secrets), so I had to update this setting:

Here are my steps to resolve the warningContext access might be invalid: TOKEN:

1. Install the GitHub Actions extension in VS Code.
2. Open the GitHub Actions tab and ensure that you are logged in and have fetched the action info for your Git repository.
3. In the SETTINGS section, verify the presence of the variables you have set under “Environments” and “Secrets”.
4. If the warning persists, try running “Refresh current branch” from the Command Palette. Alternatively, you can restart VS Code.

Yeah, this worked for me, thanks for sharing.

I’m using Github Actions v0.26.2.

How does one “sign in to GitHub inside VS Code”?

Open the “github actions” extension side-panel and click “Sign in with Github”.

Authenticating this extension with Github worked for me.

And I’d argue this is a bug regardless; if you’re not signed in, then it should just assume all variables are fine, not spam you with spurious warnings.

I agree this is still a bug, but Instead of assuming all variables are correct (which could easily be mistaken for being a valid secret) it should indicate that secrets (and potentially other checks) cannot be verified until authenticated. This extension requires authentication for a lot of features.

Okay, at least in my instance, the issue seems to be because I have a setup like this:

organization/repo - Main repository. Secrets/vars are done on this.

myuser/repo - Fork which I do my work on before creating a merge to push to upstream/main. Therefore in actions, its thinks the vars/secrets don’t exist because they existing the main repo not my fork. There should at least be a way of ignoring this specific error if this is the case.

Same here. A bit annoying indeed 👍

I still see this as well; the extension version is v0.25.8

Any update on this?

For me, it seems to be working out of the box now, without having to apply any of the proposed fixes from here

@maksims-terjohins - thanks, this solved the problem for me too.

Thanks @iuritorres for writing this up! I was able to resolve this in my repo using some of the information here. Adding environment kept giving me errors, but by adding

env:
  MY_VAR:

to the job in my workflow file, I was able to get the plugin to stop flagging uses of env.MY_VAR. Not sure if this is a hack, but it worked for me

edit: clarity

This worked for me.

Didn’t saw it mentioned, so… dumb workaround if anyone needs:

${{ fromJSON(toJSON(secrets)).MY_LITTLE_SECRET }}

Easy to restore proper syntax when/if fix comes.

I signed in to github after installing the extension and saw the secrets errors. I completely quit VS Code and re-opened it again and the secrets were no longer throwing any warnings. 😃

I’m seeing this same behavior when pulling an output from a previous step through needs “Context access might be invalid”. Is this being triggered by the value not being available to read because the previous step has not run? Just wondering as you’d think it could see the output it’d be pulling the value from is in the previous needed step.

Seeing the same here constantly with v0.25.8