Executing third-party scripts
However, sometimes what you want goes beyond accessing the Github API. You might want to run a Python script as part of the workflow, calling other APIs. To do so, you can simply treat them as regular files in a filesystem (think back to how jobs run in virtual machine runners) and call these scripts.
The caveat is that you have to setup the job's virtual machine runner to support the third-party script's language. So, if you're using Python, you need to ensure that Python and all of the scripts' dependencies are installed. If you're using Javascript, ensure that Node.js and all of the project dependencies are installed.
Since we've covered how to use Node.js in Github Actions in Basics of Github Actions already, we will focus on setting up the job virtual machine runner to work with Python scripts this time.
Essentially, what you need to do is to:
Fetch the current repository
Setup Python using the
actions/setup-python@v5
actionInstall all of the Python dependencies from a
requirements.txt
in the current repository (or individual dependencies)Execute the Python script
It's that simple! Now, the script.py
Python script will start to execute and now it will have full filesystem access to the job's virtual machine runner. You can additionally set environment variables for the script to access via env
.
If you are attempting to run a third-party script every time a pull_request
event occurs and want to read any repository secrets or access the GITHUB_TOKEN
token, make sure you use the pull_request_target
event instead. The pull_request
event is susceptible to having untrusted scripts accessing this secure information, so for security reasons, Github has disabled its access to these values. However, pull_request_target
does not suffer from such limitations!
Read more about it here: https://stackoverflow.com/questions/74957218/what-is-the-difference-between-pull-request-and-pull-request-target-event-in-git
You may combine this use case with the previous two to create scheduled scripts that run and interact with the Github API!
Last updated