Can't use `npm run build` when using HTTPS endpoints (local dev)

[jacksorjacksor]

(I'm increasingly inclined to use the HTTP endpoint for local dev but if possible would like to resolve)

When using Astro to fetch from the Umbraco Content Delivery API (CDA), using the HTTPS endpoint when running the site via npm run dev requires the NODE_TLS_REJECT_UNAUTHORIZED=0 variable to be set to allow Astro to trust Umbraco's self-signed cert. When running this command, Astro warns us that certificate verification has been disabled:

$ npm run dev

> test-fe@0.0.1 dev
> astro dev

(node:33440) Warning: Setting the NODE_TLS_REJECT_UNAUTHORIZED environment variable to '0' makes TLS connections and HTTPS requests insecure by disabling certificate verification.
(Use `node --trace-warnings ...` to show where the warning was created)

However, building the site's static pages through the npm run build doesn't elicit this response, so it doesn't appear that the build process uses the NODE_TLS_REJECT_UNAUTHORIZED=0 value.

Workaround is to just use the HTTP endpoint.

[AdamPrendergast]

@jacksorjacksor I've just tried to see if I can replicate this.

What .env files do you have? as in do you have a .env.development & .env.production too?

[jacksorjacksor]

@AdamPrendergast Hi!

I've been using .env.development, and adjusting astro.config.js as below:

.env.development

NODE_TLS_REJECT_UNAUTHORIZED=0

astro.config.js

import { defineConfig } from 'astro/config';
import { loadEnv } from 'vite'; // <- 
import mdx from '@astrojs/mdx';
import sitemap from '@astrojs/sitemap';

const { NODE_TLS_REJECT_UNAUTHORIZED } = loadEnv(process.env.NODE_ENV, process.cwd(), ""); // <- 
process.env.NODE_TLS_REJECT_UNAUTHORIZED = NODE_TLS_REJECT_UNAUTHORIZED; // <- 

// https://astro.build/config
export default defineConfig({
    site: 'https://example.com',
    integrations: [mdx(), sitemap()],
});

[AdamPrendergast]

Nice one.

It looks like when npm run dev uses development mode and will read from .env.development

and npm run build uses production mode and will read from .env.production

I wonder if there is a way of passing in an environment argument to the build command for local builds 🤔

[jacksorjacksor]

@AdamPrendergast OH good catch. That's a far more specific question we could ask. I'll post something in the Astro community Discord.

[AdamPrendergast]

Great!

Diving a little deeper into how we read the values in the astro.config.mjs

I've noticed that the Vite loadEnv method appears to be loading values from the base .env file rather than the environment/mode file.

import { loadEnv } from "vite";

// Appears to read from the base '.env' file only
const { NODE_TLS_REJECT_UNAUTHORIZED } = loadEnv(process.env.NODE_TLS_REJECT_UNAUTHORIZED, process.cwd(), "");
process.env.NODE_TLS_REJECT_UNAUTHORIZED=NODE_TLS_REJECT_UNAUTHORIZED;

I do seem to be able to get this to work with using dotenv rather than Vite.

import dotenv from 'dotenv';

// This seems to work fine
dotenv.config({ path: `.env.${process.env.NODE_ENV}` });
process.env.NODE_TLS_REJECT_UNAUTHORIZED=process.env.NODE_TLS_REJECT_UNAUTHORIZED;

I'm conscious that they recommend the Vite approach here

I wonder if we can somehow pass in the environment/mode into loadEnv?

[jacksorjacksor]

Ah good call, could approach in that way for sure.

In the meantime, I've raised the question of using the development variables for the build action in the Astro discord:

https://discord.com/channels/830184174198718474/1221052769931231312/1221052769931231312

[AdamPrendergast]

Amazing... thanks @jacksorjacksor!

[jacksorjacksor]

From the Astro discord

• Try npm run build --mode development

Will check later and report back!

[jacksorjacksor]

^Nope, didn't work. ALAS, currently no way to run npm run build when using the Umbraco HTTPS endpoints, locally.