Closed onmax closed 1 year ago
I see in the util/database.ts
there is a call to load()
from the dotenv dependency in the top-level module scope. This file also exports a couple of addEstablishment*
methods. These in turn are used in your function logic. So the final bundled function file that executes remotely (or locally), as soon as the functions are invoked, will try to call the dotenv
module's load
method.
According to the dotenv
docs, this method needs both file-reading and env-reading access. Custom functions deployed to Slack do not run with the --allow-env
permission. So that is the problem!
I don't think you need to use the dotenv dependency in your code. Have you read our documentation on environment variables? When locally running your app using slack run
, the CLI tool will automatically load your local .env
file and populate the env
function input parameter, while when deployed, the values you added using slack env
will be available in the env
function input parameter.
Let me know if that makes sense or if I misunderstood something.
That was the issue in fact! Thank you.
@filmaj This is a serious issue and needs to be reopened! I'm trying to use https://deno.land/x/openai@v4.32.1, but because the library accesses the OPENAI_BASE_URL
env, I get an error:
Requires env access to "OPENAI_BASE_URL", run again with the --allow-env flag
Even after manually adding the variable with:
slack env add OPENAI_BASE_URL https://api.openai.com/v1
I still get an error...
Do you get this error in a deployed context, or locally when you slack run
?
@filmaj no issues when running locally. I only get this issue when running the deployed app...
Reading real env variales on the Slack hosting servers is not allowed. Thus, if a 3rd party library tries to read env variables internally, unfortunately it's not feasible to use it in production. slack env
is just a mechanism to pass env-ish string data to your custom function as an argument. When it comes to the OpenAI library, what happens if you pass all {baseURL, apiKey, organization}
explicitly? Doing so may prevent the library from reading env variables for default values.
@seratch ya that did the trick!
Should have noticed that workaround myself; my brain must be fried from integrating the files API between slack and OpenAI 😵💫
Still, this is an interesting limitation that definitely puts things a bit "out of your own control". I started to submit a PR to openai to see if it's possible to check for --allow-env
using the permissions API, but unfortunately it's an async
call so not really possible
The
deno-slack
versionsDeno runtime version
OS info
Deployment
Describe the bug
I get the following error:
Steps to reproduce
You can find my code in Github in this repo
These are the commands I execute:
slack run
and then I execute the workflow successfullyslack trigger update trigger-id {ID_TRIGGER}
-> Gets redeployslack deploy
Expected result
I would expect the same behaviour as when I run it locally
Actual result
Logs
Running `slack platform activity -t -v` I get: ``` 2023-08-25 14:17:27 [info] [Fn05BNHPTMRD] (Trace=Tr05PVPNULCR) Function output: Caught error from user supplied module: PermissionDenied: Requires env access to all, run again with the --allow-env flag at Object.toObject (ext:runtime/30_os.js:96:16) at readEnv (file:///var/task/functions/create_establishment_with_place_id.js:2822:21) at assertSafe (file:///var/task/functions/create_establishment_with_place_id.js:2801:24) at load (file:///var/task/functions/create_establishment_with_place_id.js:2774:9) at eventLoopTick (ext:core/01_core.js:183:11) at async file:///var/task/functions/create_establishment_with_place_id.js:2845:1 ```
Probably it is a small error. But I cannot spot it. 🙂
Requirements
Please read the Contributing guidelines and Code of Conduct before creating this issue or pull request. By submitting, you are agreeing to those rules.