In this article, we'll create a GitHub Action that runs once a day at midnight UTC to execute a script. This script interacts with an external API that requires environment variables for authentication. While the specifics of the API are not detailed, the principles apply broadly, including for services like Supabase, APIs requiring API keys, or similar authentication methods.

Step 1: Creating the Workflow File

1. Create the Workflow Directory: Inside your repository, or project, navigate to the .github folder, then into the workflows folder. If these don't exist, create them.
2. Create Your Workflow File: Create a new file named daily_api_interaction.yml. The .yml extension is necessary as GitHub Actions workflows are defined in YAML.

Step 2: Defining the Workflow

Open daily_api_interaction.yml and start defining your workflow:

yamlCopy
name: Daily API Interaction

on:
  schedule:
    - cron: "0 0 * * *" # Runs at midnight UTC every day
  workflow_dispatch: # Allows manual triggering

jobs:
  interact_with_api:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          node-version: "16" # Or any version you require

      - name: Install dependencies
        run: npm install

      - name: Execute script
        run: node path/to/your_script.js
        env:
          API_KEY: ${{ secrets.API_KEY }}
          API_SECRET: ${{ secrets.API_SECRET }}

Step 3: Setting Up Secrets

1. Access Repository Settings: In your repository, click on "Settings".
2. Navigate to Secrets: Click on "Secrets & variables" > "Actions".
3. Add New Secrets: Use the "New repository secret" button to add each required secret. You might add API_KEY and API_SECRET, for example. Fill in the "Name" and "Value" fields accordingly and save.

Step 4: Understanding the Cron Schedule

• The cron: '0 0 * * *' expression specifies the job runs at 00:00 (midnight) UTC every day.
• Cron syntax consists of five fields: minute, hour, day of the month, month, and day of the week, each separated by a space.

Step 5: Running the Workflow

• Automatic Triggers: The workflow will automatically run at midnight UTC daily.
• Manual Triggers: You can also manually trigger the workflow using the workflow_dispatch event from the GitHub UI under the "Actions" tab of your repository.

Tips and Best Practices

• Testing Cron Schedules: If new to cron syntax, consider using online tools to verify your cron expressions.
• Securing Secrets: Never hard-code sensitive information like API keys into your workflow files. Always use GitHub Secrets.
• Environment Variables: The env block under the Execute script step makes the secrets available as environment variables within the script context.
• Node.js Version: Ensure the Node.js version specified in actions/setup-node matches the version required by your project.

By following these steps, you've set up a GitHub Action to securely interact with an external API on a daily schedule, demonstrating how to automate tasks while keeping sensitive data protected.