How to Use Environment-Scoped Variables in GitHub Actions
Environment variables hold non-secret config (URLs, regions) that differs per target and is read through the vars context.
Add variables on the environment in settings, then target it with environment:. Read the value with ${{ vars.NAME }}; an environment variable overrides a repo variable of the same name.
Steps
- Open the environment and add a variable under the Variables tab (e.g.
REGION). - Set
environment: <name>on the job. - Reference
${{ vars.REGION }}in steps.
Workflow
.github/workflows/ci.yml
jobs:
deploy:
runs-on: ubuntu-latest
environment: staging
steps:
- run: ./deploy.sh --region ${{ vars.REGION }}Gotchas
- Variables are not masked, so never store credentials in them; use secrets instead.
- A variable is empty unless the job declares the environment that defines it.
Related guides
How to Reference a Variable With the vars Context in GitHub ActionsRead configuration variables in GitHub Actions through the vars context, which exposes organization, reposito…
How to Use Environment-Scoped Secrets in GitHub ActionsBind secrets to a single GitHub Actions environment so a job only sees that target credentials when it declar…