supabase
OAuth provider environment variables should be ignored in Github Actions
Bug report
- [X] I confirm this is a bug with Supabase, not with my own application.
- [X] I confirm I have searched the Docs, GitHub Discussions, and Discord.
Describe the bug
I have Google enabled as external OAuth provider for local development setting the client id and secret with environment variables.
I also have a github actions workflow to deploy to production. The problem is that this calls supabase link which expects these environment variables to be set, but these cannot be used in github actions.
> Run supabase link --project-ref $SUPABASE_PROJECT_ID
Error evaluating "env(GOOGLE_AUTH_CLIENT_ID)": environment variable GOOGLE_AUTH_CLIENT_ID is unset.
To Reproduce
- Enable an external OAuth provider in
config.tomlusing environment variables.
[auth.external.google]
enabled = true
client_id = "env(GOOGLE_AUTH_CLIENT_ID)"
secret = "env(GOOGLE_AUTH_SECRET)"
- Add a github workflow running
supabase linkorsupabase db push, this will error out
Expected behavior
Supabase commands shouldn't care about these environment variables in config.toml because they are only used for local development.
System information
- OS: Windows
- Browser: Chrome
- Version of supabase cli: 1.123.4
- Version of Node.js: 18.15.0
I evaded this error by setting spoof environment variables in the action, where each environment variable I needed was set to a single whitespace character. This obviously makes for an incorrect config, but since I was only pushing migrations this didn't matter.
Agreed this threw me for a loop too. I had started thinking that maybe it was sync'ing these configuration values to the remote supabase instance, but that doesn't make sense for the supabase link command.
It seems to me that this should only matter while doing something like supabase start for starting up the containers locally.
