OpenHands icon indicating copy to clipboard operation
OpenHands copied to clipboard
verified publisher icon All-Hands-AI

Enable OpenHands Resolver to Configure Additional Environment Variables from GitHub Secrets

Open rapturt9 opened this issue 1 year ago • 2 comments

What problem or use case are you trying to solve?

The OpenHands resolver doesn't have options to dynamically set additional environment variables required to run our project.

Describe the UX of the solution you'd like

Introduce the ability to add extra secrets to the workflow, allowing the OpenHands resolver to set up necessary environment variables automatically. This can be achieved by passing a JSON string of environment variables within the workflow configuration.

Do you have thoughts on the technical implementation?

Example Configuration:

jobs:
  call-openhands-resolver:
    if: |
      ${{ 
        github.event.label.name == 'fix-me' ||
        (github.event_name == 'issue_comment' &&
        (startsWith(github.event.comment.body, vars.OPENHANDS_MACRO || '@openhands-agent')) &&
        (github.event.comment.author_association == 'OWNER' || 
         github.event.comment.author_association == 'COLLABORATOR' || 
         github.event.comment.author_association == 'MEMBER'))
      }}
    uses: All-Hands-AI/OpenHands/.github/workflows/openhands-resolver.yml@main
    with:
      macro: ${{ vars.OPENHANDS_MACRO || '@openhands-agent' }}
      max_iterations: 200
      additional_env: |
        {
          "NEW_VAR1": "${{ secrets.NEW_VAR1 }}",
          "NEW_VAR2": "${{ secrets.NEW_VAR2 }}"
        }
    secrets:
      PAT_TOKEN: ${{ secrets.PAT_TOKEN }}
      PAT_USERNAME: ${{ secrets.PAT_USERNAME }}
      LLM_MODEL: ${{ secrets.LLM_MODEL }}
      LLM_API_KEY: ${{ secrets.LLM_API_KEY }}
      LLM_BASE_URL: ${{ secrets.LLM_BASE_URL }}
      NEW_VAR1: ${{ secrets.NEW_VAR1 }}
      NEW_VAR2: ${{ secrets.NEW_VAR2 }}

Describe alternatives you've considered

Passing in a secure link to an env file, but not sure how this would work.

Additional context

Implementing this enhancement will significantly improve the flexibility and maintainability of our workflows.

rapturt9 avatar Nov 19 '24 17:11 rapturt9

Thanks for the feedback!

I think we can support this in the following manner

  1. Create repo variables that are prepended with OPENHANDS_ENV. For example - OPENHANDS_ENV_CONTENTFUL_API_KEY (note that this needs to be set by the user).
  2. Any variables that contain the OPENHANDS_ENV prefix will passed to resolver as SANBOX_ENV_${name}. Continuing the example from above, we would get SANBOX_ENV_CONTENTFUL_API_KEY

After these steps Openhands agents will have access to CONTENTFUL_API_KEY in its environment. This way ENV variables can be passed without having to update the workflow definition every time.

cc @neubig I'd love to take a shot at this!

EDIT: we should store these env variables in repo secrets NOT repo variables

malhotra5 avatar Nov 19 '24 18:11 malhotra5

Thanks @malhotra5 , assigned!

neubig avatar Nov 19 '24 18:11 neubig

This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 7 days.

github-actions[bot] avatar Dec 21 '24 01:12 github-actions[bot]

This issue was closed because it has been stalled for over 30 days with no activity.

github-actions[bot] avatar Jan 02 '25 01:01 github-actions[bot]