STRIPE_API_KEY issues within Google Cloud Manager

[b0ot]

Bug report

• Extension name: firestore-stripe-payments
• https://extensions.dev/extensions/stripe/firestore-stripe-payments

Describe the bug

I created separate Firebase Project for Dev/Prod and noticed that I was getting the errors in the firebase-debug.log that were stating that NO API KEY was being provided on my checkout session requests. A lot of digging later and I think that there may be an issue related to how the extension is handling the STRIPE_API_KEYS

Details:

After configuring the Stripe Extension via the Firebase Console I'm seeing 2x 'secret' keys being added to Google 'Secret Manager' for the STRIPE_API_KEY

1. firestore-stripe-payments-STRIPE_API_KEY
2. firestore-stripe-payments-STRIPE_API_KEY-XXXX

where XXXX appears to be lowercase letters/numbers

If I look at the auto-generated ./extensions/firestore-stripe-payments.env file it seems to reference the -XXXX version STRIPE_API_KEY=projects/${param:PROJECT_NUMBER}/secrets/firestore-stripe-payments-STRIPE_API_KEY-XXXX/versions/latest

Expectations: It should only have one value in Secret Manager for EACH project for the API KEY within Google Cloud Manager

Issues Caused:

• If you have separate Firebase projects for each environment (e.g. DEV / PROD) then each will have a different -XXXX appended to it. This means the automatically generated .env won't work when changing env without manual modification of the .env files
• When reconfiguring the extension, the STRIPE_API_KEY's within Secret Manager can become inconsistent. Example: I reconfigured in Firebase Console for my PROD Firebase Project to use the production key (originally it was using 'test' keys). After which: On my PROD env firestore-stripe-payments-STRIPE_API_KEY-XXXX is my prod key (correct) firestore-stripe-payments-STRIPE_API_KEY is my dev/test key (error)

To Reproduce

Steps to reproduce the behavior, please provide code snippets or a repository:

Configure or Reconfigure the Firebase Run Payments with Stripe extension.

Expected behavior

• There only to be one reference to STRIPE_API_KEY within Google Cloud Manager after configuring or reconfiguring the extension.
• Not to have the -XXXX appended in the filename so that changing between different env/Firebase projects was easier.
• If there was a reason to have 2x STRIPE_API_KEY's within Secret Manager that they would remain consistent after reconfiguring the extension via Firebase console.

Additional expectation (more feature request) that the Stripe Extension would have allowed you to configure both a 'Test' and 'Prod' key for a single project. This supports the workflow for local testing on emulators to pushing to production online.

Screenshots

If applicable, add screenshots to help explain your problem.

System information

• Windows running WSL2 (Ubuntu)

Additional context

Add any other context about the problem here.

[imbradyboy]

@jsteele-stripe can you take a look at this? It's been dormant for quite a while, but is being raised as a critical issue in the Firebase Me Discord community