Can not access SecretParam from on_document_created

[arndtvoges]

This is on the emulator with v0.1.1. I have not tested this as a deployed function.

Not sure if this is my mistake, but I can't seem to access the secrets from within a Firestore function, although the secrets parameter looks like it is defined in _GLOBAL_OPTIONS?

from firebase_functions import firestore_fn
from firebase_admin import initialize_app, firestore
from firebase_functions.params import SecretParam

app = initialize_app()
db = firestore.client()

SECRET_KEY_ONE = SecretParam("SECRET_KEY_ONE")
SECRET_KEY_TWO = SecretParam("SECRET_KEY_TWO")

@firestore_fn.on_document_created(document="Chat/{chatId}", secrets=[SECRET_KEY_ONE, SECRET_KEY_TWO])
def onChatCreated(
    event: firestore_fn.Event[firestore_fn.DocumentSnapshot | None]
) -> None:
    print(SECRET_KEY_ONE.value())
    return

Gives me TypeError: 'str' object is not callable

When I change the code to print(SECRET_KEY_ONE) it gives me {{ params.SECRET_KEY_ONE }}

The secrets are defined in Cloud Secrets. When I change the secrets' names, it asks me to save a new value, indicating that it is aware of their existence of their original names in Cloud Secrets.

[arndtvoges]

This also happens when deployed. It recognized the secret is required during deploy:

✔  functions: ensured [email protected] access to SECRET_KEY_ONE.

[ekalosak]

I've had a similar issue #141 The FB docs are stale, it's true. From the code, you can see that value() is decorated with @property. So you refer to it as secret.value without the (), of course.

The issue in 141 is that, even when you access secret.value - which is a thin wrapper around os.getenv - the secret does not appear to be injected into the environment. So even if you corrected that typo in your code, you wouldn't get the secret value.

I've reverted to using the from google.cloud import secretmanager; client = secretmanager.ClientClassName(); ... recipe for getting secrets. It kills the cold-start time but it does work.