Problem when constructing output with value from environment variable #597

k-krupka · 2025-05-08T06:59:59Z

Describe the bug

Invalid character when trying to construct a JSON output from a script, in this case, a specific value generates the error.

To Reproduce

Create workflow:

jobs:
  debug-without-variable:
    runs-on: ubuntu-latest
    steps:
      - name: Create JSON and set output
        id: create_json
        uses: actions/github-script@v7
        with:
          script: |
            return [
              {
                "name": "APPLICATIONINSIGHTS_CONNECTION_STRING",
                "value": "InstrumentationKey=GUID_GOES_HERE;IngestionEndpoint=https://xxx.in.applicationinsights.azure.com/;LiveEndpoint=https://northeurope.livediagnostics.monitor.azure.com/;ApplicationId=GUID_GOES_HERE"
              },
              {
                "name": "EventHubConnectionString__fullyQualifiedNamespace",
                "value": "abc"
              }
            ];

  debug-with-variable:
    runs-on: ubuntu-latest
    environment: dev-europe
    steps:
      - name: Create JSON and set output
        id: create_json
        uses: actions/github-script@v7
        with:
          script: |
            return [
              {
                "name": "APPLICATIONINSIGHTS_CONNECTION_STRING",
                "value": "${{ vars.AZURE_APPLICATIONINSIGHTS_CONNECTION_STRING }}"
              },
              {
                "name": "EventHubConnectionString__fullyQualifiedNamespace",
                "value": "abc"
              }
            ];

create an envirnoment "dev-europe" and add a single variable AZURE_APPLICATIONINSIGHTS_CONNECTION_STRING with value InstrumentationKey=GUID_GOES_HERE;IngestionEndpoint=https://xxx.in.applicationinsights.azure.com/;LiveEndpoint=https://northeurope.livediagnostics.monitor.azure.com/;ApplicationId=GUID_GOES_HERE
run the workflow and see results.

Expected behavior

No error in the github action.

Screenshots

This value, the output of the script, will be in the subsequent steps, I skip those for clarity. We have two outcomes:

Success:

Failure:

SyntaxError: Invalid or unexpected token
##[error]Unhandled error: SyntaxError: Invalid or unexpected token
    at new AsyncFunction (<anonymous>)
    at callAsyncFunction (/home/runner/work/_actions/actions/github-script/v7/dist/index.js:35424:16)
    at main (/home/runner/work/_actions/actions/github-script/v7/dist/index.js:35522:26)
    at /home/runner/work/_actions/actions/github-script/v7/dist/index.js:35497:1
    at /home/runner/work/_actions/actions/github-script/v7/dist/index.js:35553:3
    at Object.<anonymous> (/home/runner/work/_actions/actions/github-script/v7/dist/index.js:35556:12)
    at Module._compile (node:internal/modules/cjs/loader:1529:14)
    at Module._extensions..js (node:internal/modules/cjs/loader:1613:10)
    at Module.load (node:internal/modules/cjs/loader:1275:32)
    at Module._load (node:internal/modules/cjs/loader:1096:12)

Additional context

My context is, that I am preparing a set of settings for my Application to be deployed in Azure Function App. Those are the settings I will need later. I was adding one after another variables for the app configuration and stumbled on the App Insights connection string.

The text was updated successfully, but these errors were encountered:

joshmgross · 2025-05-08T14:09:23Z

I'd almost always recommend passing Actions expressions as env values to use them in a script, rather than injecting them directly into a script as then they'll be evaluated as JS (which could lead to script injection attacks in addition to syntax errors.

So instead of

  debug-with-variable:
    runs-on: ubuntu-latest
    environment: dev-europe
    steps:
      - name: Create JSON and set output
        id: create_json
        uses: actions/github-script@v7
        with:
          script: |
            return [
              {
                "name": "APPLICATIONINSIGHTS_CONNECTION_STRING",
                "value": "${{ vars.AZURE_APPLICATIONINSIGHTS_CONNECTION_STRING }}"
              },
              {
                "name": "EventHubConnectionString__fullyQualifiedNamespace",
                "value": "abc"
              }
            ];

I'd do:

  debug-with-variable:
    runs-on: ubuntu-latest
    environment: dev-europe
    steps:
      - name: Create JSON and set output
        id: create_json
        uses: actions/github-script@v7
        env:
          CONNECTION_STRING: ${{ vars.AZURE_APPLICATIONINSIGHTS_CONNECTION_STRING }}
        with:
          script: |
            return [
              {
                "name": "APPLICATIONINSIGHTS_CONNECTION_STRING",
                "value": process.env.CONNECTION_STRING
              },
              {
                "name": "EventHubConnectionString__fullyQualifiedNamespace",
                "value": "abc"
              }
            ];

k-krupka · 2025-05-08T17:11:34Z

ah all right, so as simple as that? :)
close the issue or you wanna tackle this as a bug separately?

thanks @joshmgross !

joshmgross added the question A question on how to use this action label May 8, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Problem when constructing output with value from environment variable #597

Problem when constructing output with value from environment variable #597

k-krupka commented May 8, 2025

joshmgross commented May 8, 2025

k-krupka commented May 8, 2025

Problem when constructing output with value from environment variable #597

Problem when constructing output with value from environment variable #597

Comments

k-krupka commented May 8, 2025

joshmgross commented May 8, 2025

k-krupka commented May 8, 2025