deploy_feedback icon indicating copy to clipboard operation
deploy_feedback copied to clipboard

Published 20 hours ago verified publisher icon denoland

Unable to import private modules with `DENO_AUTH_TOKENS`

Open linhub15 opened this issue 2 years ago • 4 comments

Reproduction steps

  1. Given a file that imports from a private repository import { ... } from "https://raw.githubusercontent.com/<private-repo>"
  2. Deploy
  3. See the error image
  4. Add environment variable DENO_AUTH_TOKENS with github access token format <token>@raw.githubusercontent.com; image
  5. Expect Deploy to automatically add the Authorization: Bearer <token> and succeed in importing the module.
  6. Actual: Still see the 404 Not Found

Setting local environment variable DENO_AUTH_TOKENS in ~/.bashrc working successfully.

linhub15 avatar Aug 08 '22 04:08 linhub15

I just faced the exact same issue but I tried deployctl for uploading.

schwarzkopfb avatar Sep 30 '22 02:09 schwarzkopfb

Same error here, Trying to deploy using Github Actions, I have DENO_AUTH_TOKENS correctly registered both on the deploy mat and on the Deno Deploy panel and I keep getting an error because he can't access the repository at the time of deploy.

Error: image

Secreted Created on Github: image

Secret Created on DenoDeploy image

The content of the registered variable is the following:

[email protected]

I already tested it, and locally on my machine I can use a variable with that same content normally.

Github Action:

name: Deploy

on:
  push:
    branches: ["main"]
  pull_request:
    branches: ["main"]

jobs:
  deploy:
    name: Deploy
    runs-on: ubuntu-latest
    permissions:
      id-token: write # Needed for auth with Deno Deploy
      contents: read # Needed to clone the repository

    steps:
      - name: Clone repository
        uses: actions/checkout@v3
        
       # Just a workarround try, no success.
      - name: Export DENO_AUTH_TOKENS secret to env
        run: echo "export DENO_AUTH_TOKENS=${{ secrets.DENO_AUTH_TOKENS }}" >> ~/.bashrc && source ~/.bashrc

      - name: Upload to Deno Deploy
        uses: denoland/deployctl@v1
        with:
          project: "xxx-project-name"
          entrypoint: "./server.ts"

Anderson-SG avatar Apr 30 '23 05:04 Anderson-SG

For reference, the "Environment Variables" only apply at the time of execution of a deployment.

The deployment building step that happens upfront on all commits/uploads involves an analysis and bundling phase, and custom environment variables do not apply there. As such, it isn't currently possible to provide a DENO_AUTH_TOKENS secret through environment variables to authenticate imports.

We are aware that this may be a blocker for using private modules and we have this on our radars, but I don't have a roadmap for this to share at this time.

lucab avatar Aug 03 '23 16:08 lucab

FYI, one possible workaround for now would be to run deno vendor to download the dependencies ahead of time and commit them into the repository.

magurotuna avatar Apr 05 '24 07:04 magurotuna