Provide mechanism for autopopulating node.js process.env #3311
Conversation
jasnell
force-pushed
the
jasnell/workerd-autopopulate-process-env
branch
3 times, most recently
from
122a5b8 to
d08499e
Compare
jasnell
force-pushed
the
jasnell/workerd-autopopulate-process-env
branch
2 times, most recently
from
00c74b2 to
f6f3f64
Compare
jasnell
force-pushed
the
jasnell/workerd-autopopulate-process-env
branch
from
f6f3f64 to
7f531ca
Compare
jasnell
force-pushed
the
jasnell/workerd-autopopulate-process-env
branch
from
7f531ca to
5356dc7
Compare
Autopopulates the process.env from bindings in local dev. A similar PR will be needed internally to enable it there as it won't be automatic.
jasnell
force-pushed
the
jasnell/workerd-autopopulate-process-env
branch
from
e6519ab to
09a9009
Compare
There was a problem hiding this comment.
@irvinebroque can we discuss this?
I oppose this change of it exposed secrets to the world via process.env
To be clear... the change puts any |
Co-authored-by: Victor Berchet <[email protected]>
| @@ -711,6 +711,9 @@ static v8::Local<v8::Value> createBindingValue(JsgWorkerdIsolate::Lock& lock, | |||
|
|
|||
| KJ_CASE_ONEOF(text, kj::String) { | |||
| value = lock.wrap(context, kj::mv(text)); | |||
| if (featureFlags.getPopulateProcessEnv() && featureFlags.getNodeJsCompat()) { | |||
| lock.setEnvField(lock.str(global.name), jsg::JsValue(value)); | |||
There was a problem hiding this comment.
We also need to call this for JSON vars that parse to a plain string, and any other type of variable whose type is a plain string, otherwise we're still piercing the abstraction here.
There was a problem hiding this comment.
It might be easier to just give the entire env object over to the proxy, and let the proxy filter for fields which are strings.
There was a problem hiding this comment.
We also need to call this for JSON vars that parse to a plain string,..
As discussed.. I'm strongly -1 on special casing JSON fields that parse to a string vs. other js types, largely because it sets up an inconsistency.
It is extremely common in Node.js for env vars to be defined as JSON strings such that node.js code will unconditionally do JSON.parse(process.env.FOO). If sometimes a JSON binding is ignored, sometimes it comes through as a parsed json string, or sometimes it comes through as an encoded JSON string, then this extremely common Node.js pattern breaks. User code would end up having to be changed to inspect the value of process.env.FOO in advance or wrap the JSON.parse(process.env.FOO) in a try/catch, both of which are unlikely when we're talking about ecosystem modules folks are pulling off npm.
Yes, I understand that we have edge cases that represent what should be plaintext text bindings as JSON bindings but that's an implementation detail/quirk/edge case that I don't think we should be optimizing for.
... and any other type of variable whose type is a plain string
Such as?
To be clear, there are no other bindings in workerd-api.c++ whose type is a plain string so it's not clear what you're suggesting here. Given that the internal repo has a different (more expansive) set of bindings possible then sure, the setEnvField(...) may need to be called in more places in the internal PR but for workerd there aren't other binding types whose value is a plaintext string.
process.env should be limited to specifically the things we call "environment variables" and not other types of bindings.
It might be easier to just give the entire env object over to the proxy
I disagree. This mechanism also works for old service worker syntax workers in which the env object is the globalThis. It would make things rather more complicated if we had to special case these options whereas the current implementation keeps things rather simple.
There was a problem hiding this comment.
Further, if we did decide to propagate other types of bindings to process.env we can do so in separate PRs. That shouldn't be blocking for this initial PR
There was a problem hiding this comment.
Note: wrangler dev/miniflare use JSON bindings for now so the PR will not work as is.
There was a problem hiding this comment.
It appears to do so for local development at least. A quick test of wrangler deploy shows that it appropriately uses TEXT bindings for env vars when pushed to production. So the limitation here would appear to be limited to local dev. Should be fixed, yes, but I don't think it's a blocker for merging.
There was a problem hiding this comment.
PR to fix wrangler dev so that it matches production and uses TEXT as appropriate cloudflare/workers-sdk#7738
| @@ -234,6 +234,10 @@ jsg::JsValue UtilModule::getBuiltinModule(jsg::Lock& js, kj::String specifier) { | |||
| return js.undefined(); | |||
| } | |||
|
|
|||
| jsg::JsObject UtilModule::getEnvObject(jsg::Lock& js) { | |||
| return js.getEnv(true); | |||
There was a problem hiding this comment.
what about:
getEnvObject -> getProcessEnvObj
getEnv -> getProcessEnv
| @@ -665,6 +668,24 @@ class Isolate: public IsolateBase { | |||
| } | |||
| } | |||
|
|
|||
| // Sets an env value that will be expressed on the process.env | |||
There was a problem hiding this comment.
expressed -> exposed?
maybe expand on "when nodejs-compat mode is used" (to refer to the flag)
Autopopulates the process.env from bindings in local dev. A similar PR will be needed internally to enable it there as it won't be automatic.