Auto commit from GitHub actions on push using "[skip ci]" in comment also skips workflow trigger on tag release

I have used the [skip ci] command as mentioned here to skip workflow runs in GitHub action, where I am doing an auto-commit after an image is built in CI action using PAT and this works wonderfully!

But as the commit comment contains the [skip ci] command and right after that if I create a new Tag release, the CI workflow is not triggered because of the [skip ci].

Is there any way I can exclude the [skip ci] for tag push event and keep it only for one of my branches where ci action runs?

Auto commit in GitHub action:

on: push
jobs:
  ci:
    runs-on: ubuntu-latest
    steps:
      - name: build and push image 
      - name: update image tag
        
      - name: Commit changes
        run: |
          git config --global user.name 'abc'
          git config --global user.email '[email protected]'
          git remote add origin https://github.com/${{ github.repository }}
          git config --global push.default current
          git remote set-url origin https://${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/${{ github.repository }}
          git commit -am "build: Image tag udpated [skip ci]"
          git push

As you can see this action will run for all push events and the Commit changes step will make another commit using PAT but with [skip ci] in the comment so this same workflow is not triggered again and it works.

But when I go to release a new tag with a new Release title and description, this action doesn't get triggered.


Is there a way this can be avoided?



Solution 1:[1]

GitHub actions uses a special kind of security token which identifies itself as GitHub actions. It uses that fact to prevent actions from triggering more actions, potentially causing a cascade.

To bypass this protection you'll need to use a different security token such as a Personal Access Token or an OAuth app token to perform the tag push action.

You can store that token as an action secret.

When you use the repository's GITHUB_TOKEN to perform tasks, events triggered by the GITHUB_TOKEN will not create a new workflow run. This prevents you from accidentally creating recursive workflow runs. For example, if a workflow run pushes code using the repository's GITHUB_TOKEN, a new workflow will not run even when the repository contains a workflow configured to run when push events occur.

https://docs.github.com/en/actions/security-guides/automatic-token-authentication#using-the-github_token-in-a-workflow

What you can do is to bail out as early as possible. To do so, remove the [skip ci] token from the commit message and add your own, like [do-not-build], anything will do, really.

Then add an if: condition on the job that performs the build:

if: ${{ !contains(github.event.commits[0].message, '[do-not-build]') }}

It will trigger the workflow, but then immediately skip the job.
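
An added example, not part of the original answer: a complete workflow applying the job-level condition above, extended so that tag pushes always build even when the tagged commit carries the marker. The checkout step, the `github.ref_type` test, the placeholder e-mail address and the elided build steps are assumptions; `[do-not-build]` and `PERSONAL_ACCESS_TOKEN` come from the page.

```yaml
# Added example: step layout and placeholder values are assumptions,
# not the asker's actual workflow.
name: ci
on: push            # fires for branch pushes and for tag pushes

jobs:
  ci:
    runs-on: ubuntu-latest
    # Always run for a tag push. On branches, skip only the bot's own
    # marker commit. head_commit is the tip commit of the push; for a
    # tag it is the tagged commit, which may be the marker commit.
    if: ${{ github.ref_type == 'tag' || !contains(github.event.head_commit.message, '[do-not-build]') }}
    steps:
      - uses: actions/checkout@v4
        with:
          # PAT from the question: pushes made with it start a new
          # workflow run, which the job-level condition then skips.
          token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}

      # ... build and push image, update image tag (elided in the question) ...

      - name: Commit changes
        # A tag push checks out a detached HEAD, so only commit back
        # when the run was started by a branch push.
        if: ${{ github.ref_type == 'branch' }}
        run: |
          git config user.name 'abc'
          git config user.email 'ci-bot@example.invalid'   # placeholder address
          # Commit only when the build actually changed a tracked file.
          git diff --quiet || git commit -am "build: Image tag updated [do-not-build]"
          git push origin "HEAD:${GITHUB_REF_NAME}"
```

Because the marker is no longer `[skip ci]`, GitHub itself does not suppress the run; the workflow starts and the `if:` expression decides whether the job executes.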

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1