-
Notifications
You must be signed in to change notification settings - Fork 5.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AJV Schema should accept useDotenv=false #8566
Comments
@jer-sen Technically we support only In |
Ok I will find an other file extension for my environment files. |
Why exactly do you have them, what's the purpose?
That's a very good point, it was overlooked that they're packaged, we'll provide a patch shortly |
I use one locally to configure environment variables (loaded with |
Serverless Framework loads variables only from |
Ok. So there is no security issue 😃 |
@medikoo I use .env with direnv and nix to set up my dev environment. Direnv takes care of setting up my environment correctly. Since serverless already can use environment variable, this functionality is completely redundant to me. And might possibly cause some weird hard to debug issues. Please reconsider adding option to disable this and possibly not have it enabled by default. I think anyone who uses .env/.envrc probably already has some kind of tool that sets environment when entering the directory. |
@takeda thanks for input. What exactly issues do you envision? In my understanding worst case scenario is that Framework will just set some environment variables to same values that Direnv written (so will not introduce any effective change) |
@medikoo it's just the magical behavior that I'm afraid of, since it can create some unexpected behavior that might be harder to trubleshoot. I'm assuming those variables will be accessible through So for example I have SOMETHING=2 sls deploy ... But sls uses the value from A variation of it is also, that it uses Most people who use |
@takeda Actually Check https://github.com/motdotla/dotenv#what-happens-to-environment-variables-that-were-already-set. We follow all recommended practices of |
To chime in here: I use But on Lambda, we have environment variables and we can set them up in Maybe this could be an opt-in behavior? E.g. something like: service: app
provider:
environmentFile: .env |
@mnapoli Serverless doesn't deploy env vars from |
@medikoo thanks for the clarification, that sounds much more reasonable then! What's the use case with supporting |
It's handy to decide which env vars should be used per directory. Without it usually you'd prefix command with needed env vars, which is not very convenient |
@Nyholm thanks for description. What is "PHP Application" ? Why it shares the folder with Serverless service? Which do you feel is more cardinal in this case? Is this that Serverless service complements the "PHP Application", or is it the other way? |
Any PHP application. In my specific case it is most likely Symfony. This is my application, my website, my API etc.
Maybe I misunderstand you here. My website lives in
It is the PHP application/website that is the main thing for me. Serverless is just a tool.
I think we are using different terminology. Maybe you can elaborate based on my this message. |
Issue you're describing only happens if your application/website is configured in same folder as Serverless service (so application/website root folder and serverless service root folder is same). Is this the case on your side? Do you keep your Serverless service (so |
Yes. It is true that my application lives in
That is an excellent question. =) My application lives there because that is basically how you do it in PHP. One application per git repository and the application root is the same as the git root. Im not sure why |
Simply keep PHP project and Serverless service at two different folders, especially if there are no common parts between them. Mixing two unrelated applications within one folder feels as bad pattern to me. It's hard to upfront assume which file belongs to which, and that makes it way harder to reason about them. |
Interesting. In my PHP focused mind, this does not make any sense for me. This is a good example of the root files on a normal PHP website deployed with serverless. As you see, there is all kinds of config files there that belongs to different tools and package managers. I know Im not an exception here. =)
That is not the way I see it. I see my
I think that is the situation we are in. You may convince me that this is a bad idea and I'll maybe change. But there are a lot of other PHP developers that wont. Hence the discussion about Serverless reading |
I think @Nyholm is trying to say that Just like you have a README, or a Makefile, or a
In that context, they are not really unrelated: the PHP project is the one being deployed to Lambda. There is only 1 application here. Does that make more sense? Let's say the project is an HTTP API (whatever the language). If If I look at official Serverless examples, the |
Thanks @mnapoli for that clarification. It was totally not obvious to me, I assumed both are not that related. In that case, the PHP project is part of Serverless Service, and I believe right way to approach it, is to put PHP project to some dedicated folder. Ideally code that's used to deploy the app should not be mixed with code that's run in the cloud (especially it if it implies a risk of conflicts)
Yes, if repository hosts just single Serverless service it's totally natural and right to have |
But that not how people do PHP projects =)
True. But there is no "code to deploy the app". It is just a config file (serverless.yml) We (PHP people) are aware of the "risk of conflicts". That is why we are desperate to fin a way to disable the new "read env files" feature. I believe this input shows a bit the situation this new Serverless feature has put us in. I hope there could be a workaround. Ie Make the name of |
From where I stand, this is just one example of collisions, which may happen when we try to maintain two different projects in same folder. Technically we can fix this specific collision with some opt-out workaround, but with that approach we won't fix any other collisions which may occur due to this kind of organization. The only solid fix is to nest PHP project in some sub folder |
To continue the conversation started — why do you consider serverless as different application and not the part of what's in the git root? I always was thinking about Would it be feasible to provide an opt-out option for this new dotEnv behaviour? |
I wrote this in the forum thread asking about adding a One example of a use case where I might want to set useDotenv to false is if I’m using In my config modules I might do some checking and verification on the environment. I can potentially verify both that things are set and that things aren't set. I may also (though I probably wouldn't recommend it) change the environment into something that is "valid" let's say I need to remove an environment variable due to some condition. Basically this means that my environment, once Serverless actually starts deploying (or my application starts locally), may be different to what it was after I verified it. Which to me seems like a potentially huge problem. |
To be clear a CLI flag, like the one @medikoo suggested would solve this, I see no need to necessarily put the dotenv behavior config in the serverless file. |
@chekalsky we're going into direction where Serverless services could be deployed programmatically, e.g. you would be able to require a So summarizing, technically it's a CLI process specific setting, and not a Serverless service specific setting that's why I believe it doesn't belong to service configuration, and we propose to introduce opt-out via CLI param Similarly is with |
This feels like a mistake that will cause a lot of problems for users. Is the benefit of adding this so great that causing all of those problems is worth it? Why purposely use a name which conflicts with programs previously designed using Serverless? I don't think it should be opt-out, but rather opt-in. |
My feeling exactly, despite all of the concerns it still being pushed. And not only it is enabled by default, there's no option to even disable it. I already have a tool that uses What I'm trying to avoid is wasting few hours on an issue that could be traced to this behavior. At very least use a different name like |
Hello @siolfyr and @takeda - thanks for voicing your opinion here. We are going to introduce a CLI option that will allow to opt-out from this behavior, as @medikoo mentioned in one of the previous comments. Would that satisfy your needs? What potential issues do you see with this behavior? Maybe there's a case that we're missing that is really problematic |
We've decided (internally) to revert from deprecation notice, and in v3 we will keep the very same behavior as it's in v2 ( The reasoning is that we're worried to break for users which already use PR that removes the deprecation in v2 will be introduced in the next days (once it's in, we will close this issue) |
❤️ Thank you |
Thank you @medikoo. A war story FWIW... For reasons I'm still unsure of, setting Whilst I can't seem to recreate the problem locally (the artifacts that I build locally do indeed have the correct port in them), all I can say is: the problem occurs in CI for us when setting |
@ljwagerfield all that |
This would cause an issue if the desired env vars (being set elsewhere, say by another plugin) followed the same logic. For example, if they were only being set when absent, then they will no-longer be set after setting |
This is the problem
The specifics are:
When setting |
@ljwagerfield then you should not use |
Thank you @medikoo, glad it won't be mandatory in v3 🙏 |
In version 2.14
configSchema.js
containsuseDotenv: { const: true },
butfalse
is a valid value cf https://www.serverless.com/framework/docs/providers/aws/guide/serverless.yml/Also deprecation warning LOAD_VARIABLES_FROM_ENV_FILES should not be triggered when
useDotenv=false
.The text was updated successfully, but these errors were encountered: