"Context access might be invalid" warning thrown for repository variables and secrets

[afefer]

Describe the bug
After upgrading to 0.25.8, a "Context access might be invalid" warning is thrown for all repository variables and secrets in the workflow file. Refreshing the secrets/vars in the extension has no effect.

Expected behavior
Secrets/vars should not throw a "Context access might be invalid" warning.

Screenshots

Extension Version
v0.25.8

Additional context
Add any other context about the problem here.

[aschen-builder]

Also seeing this issue still with the latest release.

Previous issues #47 #61 and #67 stated the issue would be fixed with the next release, but issue continues to persist into release v0.25.8 and the change log seems to make no mention of a fix being deployed.

[moshest]

Any update on this?

[acharyasaagar]

I still see this as well; the extension version is v0.25.8

[evertonspader-tomtom]

Seeing the same here constantly with v0.25.8

[avh03]

Just wanted to confirm that the issue continues to persist in 0.25.8 (and it's feeling really annoying)

[anthony9187]

also seeing this constantly in v0.25.8 with env variables, but not secrets

[mickael-h]

Same here. A bit annoying indeed 👍

[Bohemus307]

Still persists kind of embarrassing for GH

[enriquepevida]

ah, i see this is an actual issue. i was going mad with this. Let´s hope it´s fixed soon.

[felipesu19]

Yep, its a bug. Moved to triage. No ETA on a fix, if someone makes a PR to fix, I'm happy to review it.

[PrimeTimeTran]

I uninstalled, reinstalled and restarted VSCode and then the warnings went away. v0.25.8

[techguydave]

I was receiving this error after installing the extension. Simply running the "Developer: Reload Window" command fixed it for me without needing to reinstall. So far it hasn't seemed to return yet, at least for repo secrets.

[japo32]

I was receiving this error after installing the extension. Simply running the "Developer: Reload Window" command fixed it for me without needing to reinstall. So far it hasn't seemed to return yet, at least for repo secrets.

I tried this but it came back :(

[adambirds]

Okay, at least in my instance, the issue seems to be because I have a setup like this:

organization/repo - Main repository. Secrets/vars are done on this.

myuser/repo - Fork which I do my work on before creating a merge to push to upstream/main. Therefore in actions, its thinks the vars/secrets don't exist because they existing the main repo not my fork. There should at least be a way of ignoring this specific error if this is the case.

[larouxn]

👋 Reporting in, still happening on v0.26.1.

There should at least be a way of ignoring this specific error if this is the case.

Agreed, there should at least be a # github-actions-extension ignore comment one can use.

[gregalia]

I get this warning for any environment variable exported in a previous step via echo "foo=bar" >>$GITHUB_ENV

v0.26.1

[JoelYoung01]

I uninstalled, reinstalled and restarted VSCode and then the warnings went away. v0.25.8

This worked for me.

[BertelBB]

This seems to only happen when environment property is dynamic.

[marano]

I get this error for all of my secrets, am I missing something?

[budokans]

Expected behavior
Secrets/vars should not throw a "Context access might be invalid" warning.

I actually like this warning. Because our YAML file has no access to production environment variables when we're editing it, it's a nice reminder to double-check our variable names.

[BertelBB]

Expected behavior
Secrets/vars should not throw a "Context access might be invalid" warning.

I actually like this warning. Because our YAML file has no access to production environment variables when we're editing it, it's a nice reminder to double-check our variable names.

That's one way of looking at it. I would say a more realistic view is that it will condition you to ignore the warnings which causes the opposite effect of what you described.

[drewagentsync]

I'm seeing this same behavior when pulling an output from a previous step through needs "Context access might be invalid". Is this being triggered by the value not being available to read because the previous step has not run? Just wondering as you'd think it could see the output it'd be pulling the value from is in the previous needed step.

[qortex]

I had this error on secrets. Turns out I wasn't properly signed in on github inside Vscode. Signing in and reloading fixed the issue.

[SaraGMatos]

Relogging into Actions and reloading window fixed the warning for me too!

[ezfe]

Joining the club asking about this - I've got dynamic environment variables and VS Code extension won't shut up about me referencing them

[fnfup]

I can also confirm this happens when you specify the jobs context environment property dynamically. It's not able to properly track that a variable exists. This is specific to "variables" my "secrets" seem to be tracked correctly.

[klausbadelt]

You need to understand how this works. it fetches variables name from your GitHub account if you have created a variable there it will not give any warning.

We do have all variables "in our GitHub account", still getting VS Code warnings.

[klausbadelt]

@jivea

After signin in the Github Actions extensions, I alos had to tick the "Use-enterprise" option in the Github Action extension settings. Repo belongs to an organization account. Hope this will help someone.

That just logs me out, without being able to log back in ("Sign in" button no longer works). I guess that's why you don't see the warnings - you're logged out. I suspect that's because now the Github-enterprise Uri is missing. (We do run a GitHub organization, but not GitHub enterprise).

[JoseEduardoCarrera]

This is my experience:

After opened .yml file for the first time, VS Code Askme to install the Github Action Extension, i get access to my secrets and variables in the lateral panel but in config i get the same warn message, but i restarted the VS Code Programm and the warn message dissapeared

[Hassen-Ahmed]

This worked for me after carefully adding GitHub Secrets, pushing/pulling my repo, and then pressing Ctrl + Shift + P and selecting "Developer: Reload Window.

[ssbarnea]

I want to use the language server for GHA without having the sidebar enabled but apparently that is required in order to access the secrets.

I would rather have an option to disable messages like this as they are distracting and incorrect. They should appear only when the extension can access secrets and fails to find them, not when it does not have access to them.

[sunski411]

If you installed the GitHub Actions extension, all you have to do is perform a Developer reload in VS code 'Developer: Reload Window' and the error should go away.

[scarecrow-11]

Restarting the VSCode Window doesn't seem to be working here.

[8192K]

In a devcontainer, the only way for me was to disable the extension, click reload and then enable it again.

[grantjoy]

After signin in the Github Actions extensions, I also had to tick the "Use-enterprise" option in the Github Action extension settings. Repo belongs to an organization account. Hope this will help someone.

This did it for me. Thank you @jivea!

[brimmann]

Restarting worked for me.

[OkkarMin]

Hello everyone,

After signin in the Github Actions extensions, I alos had to tick the "Use-enterprise" option in the Github Action extension settings. Repo belongs to an organization account. Hope this will help someone.

This worked for me!

[grantjoy]

Use-enterprise worked for a while until it stopped working. Downgrading to 0.25.7 got it working again.

Something changed between 0.25.7 and 0.25.8 that broke the auth for the extension and that bug persists today through all version after 0.25.7.

The error I see when moving from 0.25.7 and 0.25.8 (after authing in 0.25.7) is: Error running command github-actions.explorer.current-branch.refresh: command 'github-actions.explorer.current-branch.refresh' not found. This is likely caused by the extension that contributes github-actions.explorer.current-branch.refresh.

[boonyarit-iamsaard]

Here is my workaround, I switched from SSH to HTTPS and the warning disappeared. I hope this helps.

[ssbarnea]

While I can fully understand why this feature was implemented there is a significant number of power-users of GHA which might use advances workflows, where the static analysis fails.

I have another job that is producing the entire matrix for for running the matrix tests jobs, and I am using its output. Here is how is used:

    outputs:
      matrix: ${{ steps.generate_matrix.outputs.matrix }} # noqa: unknown-context
      # triggers ^ "Context access might be invalid: matrix"

The only way to avoid is is to have some kind of magic noqa comments to silence it, like the comment that I added in the snippet.

Looking at https://github.com/github/vscode-github-actions/graphs/contributors I realise that this extension is not really under any kinda of active maintenance. In fact the last change that worth being mentioned in the release notes was in may 2023 :)

Still, I hope that @thyeggman might find some time to help here, even it would be with a comment that just suggests how this could be addressed (code reference, prefered way to deal with it in code).

[grantjoy]

@boonyarit-iamsaard thanks for the suggestion but I run into the same problem using HTTPS as I do for SSH auth.

@ssbarnea I don't understand why they are still upgrading it at this point, as recently as 2 months ago. They broke it in 0.25.8 and just keep releasing broken versions.

[Zoltag]

Environment: WSL2 Ubuntu
Github Actions version: v0.26.5

I am using a mixed environment - Github Enterprise for our codebase and Github for external resources. When I select Use-Enterprise, external resources are shown to be unavailable and when I deselect this option, internal resources are unavailable

In the first screenshot, it shows invalid token warnings - A simple developer reload window + sign back into Github is enough to resolve these, but the Sonar action from github.com cannot be found

In the second screenshot, the secrets seem to be detected correctly (despite being in the Enterprise repo), but the action located in the enterprise git cannot be found (even though I am authenticated to both enterprise and public githubs, action resolution appears to be linked to the Use-Enterprise toggle, while secrets resolution seems to always work - albeit with some bugs)

[SantiiRepair]

If you installed the GitHub Actions extension, all you have to do is perform a Developer reload in VS code 'Developer: Reload Window' and the error should go away.

Not working

[rohityadav-sas]

@jivea

After signin in the Github Actions extensions, I alos had to tick the "Use-enterprise" option in the Github Action extension settings. Repo belongs to an organization account. Hope this will help someone.

That just logs me out, without being able to log back in ("Sign in" button no longer works). I guess that's why you don't see the warnings - you're logged out. I suspect that's because now the Github-enterprise Uri is missing. (We do run a GitHub organization, but not GitHub enterprise).

This worked for me

[gekh]

I have two actions for test and production branches. What helped me:

• Git: Checkout to... test
• Developer: Reload window
• Git: Checkout to... produciton
• Developer: Reload window

[tensor-works]

Still an issue almost 2 year later what is the github team doing

[Hecedu]

This issue is also triggered by using a supported feature in which one passes an environment variable as the environment name for a reusable job eg:

jobs:
  reusable_job:
    name: Reusable job for ${{inputs.environment}}
    runs-on: ubuntu-latest
    environment:
      name: ${{inputs.environment}}

This causes all references to environment variables to display the warning message, even if they have been properly defined in their respective environments.

[iann838]

When are we getting a suppression setting, seeing this sight every single time while contributing to open source for the past several years has been to the point of irritation.

[SteviePreston]

I had to sign in via the side using the GitHub Actions extension and do a full reload.
If you are on an enterprise repo, Enable Github-actions: Use-enterprise

[krukonshedul]

This is completely unable to handle dynamic output parameters, such as the ones from aws-actions/amazon-ecr-login@v2.
I'd be grateful for an ability to completely turn this particular validation off. It degrades my experience significantly more than it does provide any value.

[mitsukuri]

Still an issue almost 2 year later what is the github team doing

Serving the board of directors who serve the investors who staked all their money on AI