Reputation: 431
Firebase app hosting unable to retrieve secrets from cloud secret manager
I try to use cloud secret manager in combination with firebase app hosting, but app hosting can't fetch the keys from the secret manager when it's building.
My apphosting.yaml file looks like this:
env:
- variable: NEXT_PUBLIC_FIREBASE_API_KEY
secret: NEXT_PUBLIC_FIREBASE_API_KEY
- variable: NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN
secret: NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN
- variable: NEXT_PUBLIC_FIREBASE_PROJECT_ID
secret: NEXT_PUBLIC_FIREBASE_PROJECT_ID
- variable: NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET
secret: NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET
- variable: NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID
secret: NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID
- variable: NEXT_PUBLIC_FIREBASE_APP_ID
secret: NEXT_PUBLIC_FIREBASE_APP_ID
- variable: NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID
secret: NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID
- variable: TURNSTILE_SECRET_KEY
secret: TURNSTILE_SECRET_KEY
- variable: TURNSTILE_SITE_KEY
secret: TURNSTILE_SITE_KEY
- variable: RECAPTCHA
secret: RECAPTCHA
I've added the secrets with the following command and I see them in the cloud secret manager:
firebase functions:secrets:set NEXT_PUBLIC_FIREBASE_API_KEY --project xx
Later I gave them the following principals with the role Secret Manager Secret Accessor:
I also tried with the command firebase apphosting:secrets:grantaccess NEXT_PUBLIC_FIREBASE_API_KEY, but that gave me the error apphosting did exist.
xx = my project name
Anyone have an idea what I'm missing? When I build I receive this error:
Misconfigured secret Error resolving secret version with name=projects/xx/secrets/NEXT_PUBLIC_FIREBASE_API_KEY/versions/latest. Please ensure the secret exists in your project and that your App Hosting backend has access to it. If the secret already exists in your project, please grant your App Hosting backend access to it with the CLI command 'firebase apphosting:secrets:grantaccess'
Upvotes: 0
Views: 43
Answers (0)
Related Questions
- How do I solve: Error: Failed to list Firebase projects. See firebase-debug.log for more info
- How to set User-Managed secret when using firebase cli for app hosting secret creation
- Issues with Dependencies in Firebase App Hosting and Cloud Functions Deployments for Next.js App
- How to deconflict non-secret and secret environment variables in Firebase Cloud Functions?
- Google Secret Manager Permission Denied with Firebase Function
- Google Cloud function accessing a secret from Secrets Manger
- What is the Correct Way to Use Secret Manager in Firebase Cloud Function?
- Storing secrets in firebase projects: Firebase config API or Secret Manager API?