Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide mechanism for autopopulating node.js process.env #3311

Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

Provide mechanism for autopopulating node.js process.env #3311

wants to merge 3 commits into from
+231 −62

Conversation

jasnell
Copy link
Member

@jasnell jasnell commented Jan 9, 2025
edited
Loading

Autopopulates the process.env from bindings in local dev. A similar PR will be needed internally to enable it there as it won't be automatic.

See caveats: #3311 (comment)

@jasnell jasnell requested review from a team as code owners January 9, 2025 17:01
@jasnell jasnell force-pushed the jasnell/workerd-autopopulate-process-env branch 3 times, most recently from 122a5b8 to d08499e Compare January 9, 2025 21:36
anonrig
anonrig reviewed Jan 10, 2025
View reviewed changes
src/node/internal/util.d.ts Outdated Show resolved Hide resolved
src/workerd/api/node/util.h Show resolved Hide resolved
@jasnell jasnell force-pushed the jasnell/workerd-autopopulate-process-env branch 2 times, most recently from 00c74b2 to f6f3f64 Compare January 10, 2025 15:12
@jasnell jasnell requested a review from anonrig January 10, 2025 15:15
@jasnell jasnell force-pushed the jasnell/workerd-autopopulate-process-env branch from f6f3f64 to 7f531ca Compare January 10, 2025 15:15
@jasnell jasnell force-pushed the jasnell/workerd-autopopulate-process-env branch from 7f531ca to 5356dc7 Compare January 10, 2025 15:54
jasnell
jasnell commented Jan 10, 2025
View reviewed changes
src/workerd/api/node/util.h Outdated Show resolved Hide resolved
@jasnell jasnell force-pushed the jasnell/workerd-autopopulate-process-env branch from e6519ab to 09a9009 Compare January 10, 2025 16:28
vicb
vicb suggested changes Jan 10, 2025
View reviewed changes
Copy link
Contributor

@vicb vicb left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@irvinebroque can we discuss this?

I oppose this change of it exposed secrets to the world via process.env

@jasnell
Copy link
Member Author

jasnell commented Jan 10, 2025

I oppose this change of it exposed secrets to the world via process.ENV

To be clear... the change puts any TEXT binding on process.env. We have no way of knowing if a a TEXT binding contains something that is considered a secret or not. If tooling insists on adding secrets to the worker configuration using a TEXT binding then this would mean we just cannot populate process.env automatically at all right now because we have zero ability to differentiate if the value of the TEXT binding is secret or not.

vicb
vicb reviewed Jan 10, 2025
View reviewed changes
src/workerd/jsg/setup.h Outdated Show resolved Hide resolved
@vicb
Copy link
Contributor

vicb commented Jan 13, 2025
edited
Loading

@jasnell I think the following info needs to be added to the PR description (I can not edit it):

This PR

# wrangler.toml
[vars]
PUBLISHED = "foo"
PUBLISHED_INT = "1"
PUBLISHED_BOOL = "true"
PUBLISHED_JSON = "{key: value}"
PUBLISHED_ARRAY = "[1]"

NOT_PUBLISHED_INT = 120
NOT_PUBLISHED_BOOL = true
NOT_PUBLISHED_JSON = {key = value}
NOT_PUBLISHED_ARRAY = [1]

# .dev.vars
PUBLISHED_SECRET = "secret"

Once the description has been added, it would be nice to create an issue on https://github.com/cloudflare/cloudflare-docs to ask this to be documented when merged

kentonv
kentonv requested changes Jan 13, 2025
View reviewed changes
Copy link
Member

@kentonv kentonv left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry I really insist on this: All bindings which render to a plain string must be treated equivalently. We cannot have the behavior change based on the way the value was originally specified in config, because this is changing the abstraction in a way that has already been seen to break multiple tools and adds new constraints to our implementation going forward. The abstraction is that env contains JavaScript values; whether they were transmitted as simple text, JSON, v8 serilaization, etc. is not revealed to the application.

@jasnell
Provide mechanism for autopopulating node.js process.env
fc16af8 
Autopopulates the process.env from bindings in local dev. A similar
PR will be needed internally to enable it there as it won't be
automatic.
@jasnell jasnell force-pushed the jasnell/workerd-autopopulate-process-env branch from 8ba527b to fc16af8 Compare January 13, 2025 21:09
jasnell added a commit to jasnell/cloudflare-docs that referenced this pull request Jan 14, 2025
@jasnell
Document the process.env handling and compat flags
23a80ff 
Refs: cloudflare/workerd#3311
@jasnell jasnell mentioned this pull request Jan 14, 2025
Open
3 tasks
@vicb vicb mentioned this pull request Jan 14, 2025
Open
@jasnell jasnell enabled auto-merge (squash) January 14, 2025 16:04
@jasnell jasnell disabled auto-merge January 14, 2025 18:21
@jasnell jasnell marked this pull request as draft January 14, 2025 18:21
@jasnell
Copy link
Member Author

jasnell commented Jan 14, 2025

Moved back to draft due to continued backend discussion on how the implementation intersects with non-nodejs-compat related aspects of the runtime.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vicb vicb vicb requested changes

@anonrig anonrig anonrig approved these changes

@irvinebroque irvinebroque Awaiting requested review from irvinebroque

@kentonv kentonv Awaiting requested review from kentonv

@danlapid danlapid Awaiting requested review from danlapid

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
api nodejs compat
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@jasnell @vicb @anonrig @kentonv @danlapid