For the fantasy football picker project that I am working on, a GitHub Action is used to download, parse and upload the stats to a Supabase database. For the action to connect to the database the action needs to know the database URL and database key both of which should be kept a secret.
GitHub Actions have the ability to pass secrets as environment variables and I used the steps listed at here to pass the secrets as environment variables. Or so I thought. When the action ran the script I had written was unable to connect to the database because the environment variables containing the secrets did not exist. After hours of trying to figure out the problem, I remembered another project that was doing pretty much the same thing that I was doing. So I checked out the way that open-sauced ran its populate-supabase action and it dawned on me,
The environment variables have to be set in the step they are being used in.
After correcting the yaml for the action to set the secrets as environment variables in the step that was running the script the action was able to connect to the database.