We can notice that the special characters in the secret that is saved to process.env get escaped, and the escaped characters are included as part of the returned string.
4) Access the secret via CLI: firebase functions:secrets:access TEST_SECRET, returned value is \\123\\123 so the secret is stored in correct format in the secret manager
[REQUIRED] Expected behavior
Secret accessed via process.env should act similarly to functions.config() and return the secret value without escaping
[REQUIRED] Actual behavior
Secret value with special characters gets escaped, so a secret that is stored as \\123\\123 is returned as \\\\123\\\\123 from the process.env. In our case, we want to pass the secret as a basic auth password, but the secret is returned incorrectly as \\\\123\\\\123 string.
Related issues
[REQUIRED] Version info
node:14
firebase-functions:3.21.2
firebase-tools:11.1.0
firebase-admin:10.0.2
[REQUIRED] Test case
Follow the steps to reproduce below for a test case
[REQUIRED] Steps to reproduce
1) Create a new Firebase secret: TEST_SECRET with value
\\123\\123
firebase functions:secrets:set TEST_SECRET
and give it a value\\123\\123
2) Create a new Firebase config variable: TEST_SECRET with value
\\123\\123
firebase functions:config:set TEST_SECRET="\\123\\123"
3) Create a function that runs with the secret, and logs both secret value and config value
We can notice that the special characters in the secret that is saved to process.env get escaped, and the escaped characters are included as part of the returned string.
4) Access the secret via CLI:
firebase functions:secrets:access TEST_SECRET
, returned value is\\123\\123
so the secret is stored in correct format in the secret manager[REQUIRED] Expected behavior
Secret accessed via process.env should act similarly to functions.config() and return the secret value without escaping
[REQUIRED] Actual behavior
Secret value with special characters gets escaped, so a secret that is stored as
\\123\\123
is returned as\\\\123\\\\123
from the process.env. In our case, we want to pass the secret as a basic auth password, but the secret is returned incorrectly as\\\\123\\\\123
string.