The problem with reusable workflows

  • The calling workflow usually needs to pass data to the reusable workflow
  • GitHub limits the ways we can do that. Because security
  • GHA calls these workflow inputs
  • env/config data can be passed via the with: and secrets: keys
  • Example:
jobs:
  call-docker-build:
    name: Call Docker Build
    uses: bretfisher/docker-build-workflow/.github/workflows/reusable-docker-build.yaml@main
    secrets:
      dockerhub-username: ${{ secrets.DOCKERHUB_USERNAME }}
      dockerhub-token: ${{ secrets.DOCKERHUB_TOKEN }}
    with:
      dockerhub-enable: true
      image-names: ghcr.io/${{ github.repository }}
      tag-rules: |
        type=ref,event=pr
        type=raw,value=gha-${{ github.run_id }}
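
For comparison, the called side of that example, written here as an added sketch and not the actual contents of the bretfisher/docker-build-workflow repository. The input and secret names mirror the caller above; the types, defaults and steps are assumptions.

```yaml
# Hypothetical sketch of the called side: .github/workflows/reusable-docker-build.yaml
# Input and secret names mirror the caller above; types, defaults and steps are assumptions.
name: Reusable Docker Build

on:
  workflow_call:
    inputs:
      dockerhub-enable:
        description: Log in to Docker Hub before building
        type: boolean
        default: false
      image-names:
        description: Image names passed to the metadata step
        type: string
        required: true
      tag-rules:
        description: Tag rules passed to the metadata step
        type: string
        required: false
    secrets:
      # Only secrets declared here (and passed by the caller) are visible below.
      dockerhub-username:
        required: false
      dockerhub-token:
        required: false

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Login to Docker Hub
        if: inputs.dockerhub-enable
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.dockerhub-username }}
          password: ${{ secrets.dockerhub-token }}

      - name: Compute tags and labels
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ inputs.image-names }}
          tags: ${{ inputs.tag-rules }}
```

The caller's workflow-level env values do not carry over into the called workflow, so anything it needs has to arrive through a declared input or secret like these.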