Build secrets for preview workers
I have a worker that has both variables and secrets in the "Settings" panel for Worker Builds. In production builds everything's fine, but in preview builds, secrets appear empty. To check that I added an
env call before builds and logging in the js code. This is what I see:
What can I do?15 Replies
Can you share your wrangler config and you deploy command?
can I send you the wrangler.toml privately?
Can you redact? I'm mostly interested in your environments config and non production deploy command
the build command is:
the preview deploy command is:
(without
--env staging in the production case)
okGotcha, and your staging Worker, can you see if your Worker has the vars set in dash?
this is the wrangler.toml
I have build variables and secrets, "run environment" variables set through wrangler.toml and "run environment" secrets set through the settings page
the
API_SECRET_KEY is set both in build secrets and in "run environment" secrets, or the production build would failYou want these in "variables and secrets" in the Worker settings
alternatively wrangler secret put --env staging API_SECRET_KEY
oh, that is interesting... is there an equivalent for the worker builds secrets?
API_SECRET_KEY is used by next during build to get data for prebuilding pagesHonestly I'm not sure up to date on Workers CI (not on that team) that I wouldn't be able to tell ya 😅 . I think you want that as a regular variable for use during your app build
maybe I'm beginning to understand something... using environments creates automatically a new "worker" with the original name "-environment", but since my build fails that still doesn't exist, so I cannot set build secrets... am I right?
I see... I'm really grateful you took time to answer! Can you refer me to someone who could have more insights?
That seems reasonable, but also a little confused because if you have this as a workers CI variable then I think that should work? Generally speaking the team pops in on Discord from time to time, but it's all on a volunteer basis. I can't promise that you'll get a response from that team, but I can forward along!
I'm confused as well! There's no way to set secrets on one environment or the other from the "main" worker, so it seems all is ok... thank you very much!
for me it's the end of the working day, but I will check back later if someone replied, thanks again!
Hey @andrea_bhweb 👋 ! Could you share your build_uuid for a preview build which didn't have the env vars you expect, as well as a production build which had the env vars?
?workers-build-id
The Workers build ID is a unique build identifier.
It's the UUID in the browser bar (for example, a URL would be
dash.cloudflare.com/ACCOUNT_ID/workers/services/view/WORKER/production/builds/BUILD_ID where the build ID looks something like a398d794-7322-4c97-96d9-40b5140a8d9b).
This ID can help troubleshoot some issues with Workers builds so if you have a failing build make sure you grab that ID for the team to use.