Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How to use environment variable ? #11755

Open
12rambau opened this issue Nov 11, 2024 · 6 comments
Open

How to use environment variable ? #11755

12rambau opened this issue Nov 11, 2024 · 6 comments
Labels
Support Support question

Comments

@12rambau
Copy link

Details

Expected Result

I would like to use environment variable in my build:

  • EARTHENGINE_PROJECT
  • EARTHENGINE_SERVICE_ACCOUNT

I run the following code in my conf.py:

import pytest_gee  # noqa: E402

if "EARTHENGINE_SERVICE_ACCOUNT" in os.environ:
    pytest_gee.init_ee_from_service_account()
elif "EARTHENGINE_PROJECT" in os.environ:
    pytest_gee.init_ee_from_token()
else:
    raise ValueError("Cannot authenticate with Earth Engine.")

I would expect to see the process pytest_gee.init_ee_from_service_account() to start as it's listed in my environment variable but I get the following error instead meaning the value is not accecible from the build env.

Traceback (most recent call last):
  File "/home/docs/checkouts/readthedocs.org/user_builds/geetools/envs/379/lib/python3.10/site-packages/sphinx/config.py", line 529, in eval_config_file
    exec(code, namespace)  # NoQA: S102
  File "/home/docs/checkouts/readthedocs.org/user_builds/geetools/checkouts/[37](https://app.readthedocs.org/projects/geetools/builds/26236533/#250367246--37)9/docs/conf.py", line 140, in <module>
    raise ValueError("Cannot authenticate with Earth Engine.")
ValueError: Cannot authenticate with Earth Engine.

I build the environment from scratch with the configuration file. should I add the env variable manually as in GitHub actions ?

version: 2

build:
  os: ubuntu-22.04
  tools:
    python: "3.10"

sphinx:
  configuration: docs/conf.py

python:
  install:
    - method: pip
      path: .
      extra_requirements:
        - doc
@humitos humitos added the Support Support question label Nov 11, 2024
@stsewd
Copy link
Member

stsewd commented Nov 11, 2024

Hi, I see that build is from a PR, you probably need to mark your env var as public, see https://docs.readthedocs.io/en/stable/environment-variables.html#environment-variables-and-build-process.

@12rambau
Copy link
Author

arf that's unexpected, I though privates meant the same as in github, i.e. "you cannot see it". So it means that if I build this specific branch manually it's going to work right ?

@12rambau
Copy link
Author

Hi I worked on my little experiment (https://app.readthedocs.org/projects/geetools/builds/26250084/). If I build the branch itself I can use the private variables.

Why do you prevent use of private env variables in the PR builds ?
In Github actions they work in both the only difference with publics one is that you cannot show them or write them anywhere.

@stsewd
Copy link
Member

stsewd commented Nov 20, 2024

Why do you prevent use of private env variables in the PR builds ?

Anyone can open a PR on GitHub, they can change the commands to steal the environment variable.

@humitos
Copy link
Member

humitos commented Nov 21, 2024

Anyone can open a PR on GitHub, they can change the commands to steal the environment variable.

This could be mentioned in the docs, to give more context to users and avoid this confusion.

@12rambau
Copy link
Author

12rambau commented Nov 21, 2024

Why do you prevent use of private env variables in the PR builds ?

Anyone can open a PR on GitHub, they can change the commands to steal the environment variable.

But you can also prevent the CI to start (and I think it's the default behaviour) if not validated by a maintainer right ? In my repositories when a new developer creates a PR I need to accept to launch the workflows before they run and as a contributors in many packages I also faced it myself, waiting for someone to validate my PR before anything is run. isn't the triggering mechanism (from GitHub) of RDT subject to the same constraints ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Support Support question
Projects
None yet
Development

No branches or pull requests

3 participants