readthedocs.org icon indicating copy to clipboard operation
readthedocs.org copied to clipboard
verified publisher icon readthedocs

cannot add a 3048 character long environment variable

Open 12rambau opened this issue 5 years ago • 12 comments

Details

  • Read the Docs project URL: https://sepal-ui.readthedocs.io/en/latest/
  • Read the Docs username (if applicable): borntobealive

description

In my repository one of the dependancy is Google Earthe Engine API. this API require a manual authentification or a private key. In order to use the private key I've been to my admin panel and added it to environment variable (EE_PRIVATE_KEY).

The build unfortunately failed.

Looking closely at my env variable, I realize that the final character is not the appropriate one.

the Value field of the website can only handle 2048 characters and my key is 3044 character long. is there a way to change that ?

12rambau avatar Feb 10 '21 16:02 12rambau

Is that key provided by google or a manually generated one?

stsewd avatar Feb 10 '21 17:02 stsewd

google provide a json file,

I used the following script to change it into a string :

import json
import base64

with open('sepal-key.json') as jsonfile:
    data = json.load(jsonfile)
    datastr = json.dumps(data)
    encoded = base64.b64encode(datastr.encode())

print(encoded)

Looking at my code I assume that you would prefer me to use base16 or base32 instead of base64 right ?

I'm using the same key in travisCI and there were no problem so is there any technical reason why you don't handle it ?

12rambau avatar Feb 10 '21 18:02 12rambau

@12rambau I'd recommend to not store the full file in an env var, but encrypt the json file in the repo and store the key in an env var, then you can decrypt it in the script you have. Not sure about increasing the size of the env vars would help to completely support this case, the size could increase over time, and we would need to increase the size again.

stsewd avatar Feb 10 '21 18:02 stsewd

Your solution seems totaly legit. I will wait before implementing because it will require me to change the decoding procedure of my API key in my lib and change it in all the othoer services that already use this key :

  • TravisCI
  • codeClimate
  • CodeCover
  • GithubCI (when I'll manage to make it work).

My point is the following : even though my strategy wasn't the most efficient, wouldn't it be normal to align the RDT requirements for environment variable with the other comonly used services ?

12rambau avatar Feb 11 '21 14:02 12rambau

wouldn't it be normal to align the RDT requirements for environment variable with the other comonly used services ?

What's the max length of each of the other services? I'm fine to have a similar value here.

humitos avatar Mar 15 '21 12:03 humitos

No idea I just know that mine was entering. I've asked on SO let's see if someone knows

12rambau avatar Mar 15 '21 12:03 12rambau

It seems TravisCI is not a concern anymore and my SO question was long deleted. nonetheless, I found the information I was looking for in the Github Documentation:

https://docs.github.com/en/actions/learn-github-actions/variables#limits-for-configuration-variables

max size = 64 Kb

Do you think it would be doable to set the same limitation to your service ?

12rambau avatar Jan 15 '23 15:01 12rambau

This looks like a pretty edge case to me. However, I'm not opposed to use 64Kb as max size if it that's what other services are doing.

humitos avatar Jan 16 '23 10:01 humitos

I faced it again in 5 different documentations. In fact anything that should rely on a Google API token. the initial workaround is forcing me to use set a encrypted private key in my repository which is really failing the whole purpose of the environment variable.

Any news from your side ?

12rambau avatar Mar 04 '24 15:03 12rambau

Hi @12rambau. No news here. Unfortunately, we weren't able to prioritize this work yet.

humitos avatar Mar 04 '24 17:03 humitos