CollabOps
CI/CDExpressions

Contexts

Detailed reference for secrets, vars, env, and collabops contexts

These are the contexts available in expressions. They are referenced using the $\{\{ context.key \}\} format.

secrets

References secret values registered in the workspace or repository. Use this to securely pass sensitive information such as API keys, passwords, and authentication tokens.

steps:
  - name: deploy
    run: ./deploy.sh
    env:
      # Pass values registered in secrets as environment variables
      API_KEY: "${{ secrets.API_KEY }}"
      DB_PASSWORD: "${{ secrets.DB_PASSWORD }}"
      DEPLOY_TOKEN: "${{ secrets.DEPLOY_TOKEN }}"

Secret values are masked in logs.

vars

References variables configured at the organization, repository, or environment level. Use this to manage non-secret configuration values such as deployment environments, regions, and URLs.

env:
  # Reference variables configured at the organization/repository level
  DEPLOY_ENV: "${{ vars.DEPLOY_ENV }}"         # production, staging, etc.
  AWS_REGION: "${{ vars.AWS_REGION }}"         # ap-northeast-2
  SLACK_CHANNEL: "${{ vars.SLACK_CHANNEL }}"   # #deploy-notifications

env

References environment variables defined with env in the workflow from within expressions.

env:
  APP_NAME: my-app
  APP_VERSION: "1.0.0"

jobs:
  build:
    steps:
      - name: build-image
        run: |
          # Reference via $env.APP_NAME
          docker build -t ${{ env.APP_NAME }}:${{ env.APP_VERSION }} .

You can also access them as regular environment variables ($APP_NAME) inside run. Expressions (${{ env.APP_NAME }}) are substituted at the YAML level, while shell variables ($APP_NAME) are substituted at runtime.

collabops

A built-in context that is automatically provided when a workflow runs.

collabops Context Keys

KeyTypeExampleDescription
collabops.refstringrefs/heads/mainFull Git ref path
collabops.ref_namestringmainBranch or tag name (without path prefix)
collabops.ref_typestringbranchRef type (branch or tag)
collabops.shastringabc123def456...Full SHA of the triggered commit
collabops.event_namestringpushTrigger event name (push, change_request, schedule, workflow_dispatch)
collabops.actorstringusernameUser who triggered the workflow
collabops.commit_messagestringfix: login bugCommit message of the trigger commit
collabops.head_refstringfeature/loginSource (head) branch name of the CR (for change_request events)
collabops.workspace_idstringws-abc123Workspace identifier
collabops.repository_idstringrepo-def456Repository identifier

Usage Examples

jobs:
  build:
    steps:
      - name: checkout
        uses: "collabops/checkout@v2"
        with:
          repo-url: "https://<collabops-host>/<workspace>/<repository>.git"

      - name: tag-image
        run: |
          # Use the commit SHA as the image tag
          IMAGE_TAG="${{ collabops.sha }}"
          echo "Building image with tag: $IMAGE_TAG"

          # Branch name based logic
          echo "Branch: ${{ collabops.ref_name }}"
          echo "Event: ${{ collabops.event_name }}"
          echo "Actor: ${{ collabops.actor }}"

Using in Conditional Execution

jobs:
  deploy-prod:
    # Deploy to production only on push to the main branch
    if: "collabops.ref == 'refs/heads/main' && collabops.event_name == 'push'"
    steps: [...]

  deploy-staging:
    # Deploy to staging on the develop branch or on CR events
    if: "collabops.ref_name == 'develop' || collabops.event_name == 'change_request'"
    steps: [...]

Expressions

Overview of expression syntax available in Workflows

Step Outputs

Passing data between Steps — using $COLLABOPS_OUTPUT and the steps context

Table of Contents

secretsvarsenvcollabopscollabops Context KeysUsage ExamplesUsing in Conditional Execution