Solvedtoolkit No way to set the ACTIONS_ALLOW_UNSECURE_COMMANDS variable.

JJ
55

This is probably a LTA error issue, more than other kind of problem. When set-env is used, this is the recommendation issued:

The `set-env` command is disabled. Please upgrade to using Environment Files or opt into unsecure command execution by setting the `ACTIONS_ALLOW_UNSECURE_COMMANDS` environment variable to `true`. For more information see: https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/

All's good and well. Let's then set in an action such as this one that variable to the very value indicated in the error:

- name: Busca en el cuerpo del PR
        uses: actions/github-script@v3
        with:
          github-token: ${{secrets.GITHUB_TOKEN}}
          ACTIONS_ALLOW_UNSECURE_COMMANDS: true
          script: |
              # script follows

But then, this is the error obtained:

Unexpected input(s) 'ACTIONS_ALLOW_UNSECURE_COMMANDS', valid inputs are ['script', 'github-token', 'debug', 'user-agent', 'previews', 'result-encoding']

While we could follow one of these recommendations, I can't find what they mean and what's the reasonable value for them. It looks like errors like these are happening all over the place since set-env was deprecated today.

17 Answers

✔️Accepted Answer

It worked for me this way.

steps:
- uses: actions/checkout@master

- name: Setup MSBuild path
  uses: microsoft/setup-msbuild@v1.0.0
  env:
    ACTIONS_ALLOW_UNSECURE_COMMANDS: 'true'
  
- name: Setup NuGet
  uses: NuGet/setup-nuget@v1.0.2
  env:
    ACTIONS_ALLOW_UNSECURE_COMMANDS: 'true'

Other Answers:

don't understand why we need ACTIONS_ALLOW_UNSECURE_COMMANDS=true, all i need to do is replacing

echo "::set-env name=PR_AUTHOR::${{ github.event.pull_request.user.login }}"
echo "::set-env name=PR_AUTHOR::${{ github.event.issue.user.login }}"

with

echo "PR_AUTHOR=${{ github.event.pull_request.user.login }}" >> $GITHUB_ENV
echo "PR_AUTHOR=${{ github.event.issue.user.login }}" >> $GITHUB_ENV

So if you want to quickly fix this..

I've set the first 'step' on all workflows to the following:

steps:
  - name: ACTIONS_ALLOW_UNSECURE_COMMANDS
    id: ACTIONS_ALLOW_UNSECURE_COMMANDS
    run: echo 'ACTIONS_ALLOW_UNSECURE_COMMANDS=true' >> $GITHUB_ENV

It worked for me this way.

steps:
- uses: actions/checkout@master

- name: Setup MSBuild path
  uses: microsoft/setup-msbuild@v1.0.0
  env:
    ACTIONS_ALLOW_UNSECURE_COMMANDS: 'true'
  
- name: Setup NuGet
  uses: NuGet/setup-nuget@v1.0.2
  env:
    ACTIONS_ALLOW_UNSECURE_COMMANDS: 'true'

Do those who are thumbing down care to explain why? This indeed worked like a charm.

After re-reading a few times I see the right way to do this going forward.

Setting an environment variable

echo "{name}={value}" >> $GITHUB_ENV

But the dev experience for this deprecation is a bit rough. It was only through this issue that I found the answer.

The path from "this is no longer correct" to "what is the right way to do it" is a little hazy at first.

I didn't realize deprecating set-env was on the roadmap at all until a job just now failed for me. The link to the deprecation info is all the way to the right in this error so there's no way to see it without scrolling (which I didn't think to do initially).

Screen Shot 2020-11-17 at 6 55 02 PM

And googling github actions environment files, looking for the canonical docs on how to do this "right", were a bit buried.

Screen Shot 2020-11-17 at 6 53 29 PM

In hindsight, I see the deprecation error is my first google result, but I was looking for the official docs at that point, not the deprecation notice.

Related Issues:

52
toolkit No way to set the ACTIONS_ALLOW_UNSECURE_COMMANDS variable.
It worked for me this way. This is probably a LTA error issue more than other kind of problem When s...