Github Actions with Google Functions & Doppler fails

Hi guys,

I’ve been trying to implement Github Actions with Google Actions Functions, and it has been throwing some errors. In Github Actions it gets stuck, Google Deploy fails and function is not deployed.

Doppler seems to cause some kind of crash in Google Cloud deployment. I say that because when I try without Doppler it works, but when I use Doppler it crashes.

Here is what Google Cloud logs say:
ERROR: error fetching storage source: generic::unknown: retry budget exhausted (3 attempts): fetching gcs source: unpacking source from gcs: source fet
/tmp/, and cannot find /tmp/, period.

This error doesn’t happen without Doppler being installed in Github Actions.

And here is the Github Actions file
name: Ci & Cd pipeline

      - dev
      name: Dev deployment
      runs-on: ubuntu-latest
      continue-on-error: true
      - name: Checkout code
        uses: actions/checkout@v2

      - name: Install Doppler CLI
        uses: dopplerhq/cli-action@v1

      - name: Test Doppler Access
        run: doppler secrets download --no-file --format=docker env-no-quotes >> $GITHUB_ENV;

      - name: Gcloud Configuration
        uses: google-github-actions/setup-gcloud@master
          service_account_key: ${{ secrets.DEV_GPC_CREDENTIAL }}
          project_id: kiwify-dev
          export_default_credentials: true

      - id: deploy
        uses: google-github-actions/deploy-cloud-functions@main
          name: test_doppler_test
          runtime: nodejs12
          env_vars: NODE_ENV=production
          entry_point: server

Is it a bug or what?

I’ve tried configuration both inclusing setup-gcloud and without it, the same error always happens.

If I do it directly with gcloud calling the CLI it works. But then I have a problem that the variables are shown in the logs (maybe there is a way to hide them from the logs).

Hey Marinho and welcome to the Doppler Community!

I haven’t been able to reproduce the “error fetching format” issue you’re experiencing and am unsure if Doppler is the cause here. Could it be related to repository size?

Also, it doesn’t appear that you can use the google-github-actions/deploy-cloud-functions GitHub Action to sync Doppler secrets, as it only supports a hard-coded KEY=VALUE format for env_vars. Even using set-output doesn’t work.

As it turns out, it’s much simpler to use the glcoud CLI directly to configure and deploy your Google Cloud Function it can be done in a single step. Here’s a complete example:

    runs-on: ubuntu-latest
    - name: Checkout
      uses: actions/checkout@v2

    - name: Install Doppler CLI
      uses: dopplerhq/cli-action@v1

    - name: GCloud Setup
      uses: google-github-actions/setup-gcloud@master
        service_account_key: ${{ secrets.GPC_CREDENTIALS }}
        project_id: your_project
        export_default_credentials: true

    - name: Configure and Deploy Function
      run: |
        doppler secrets download --no-file --format yaml > .env.yaml && \
        gcloud functions deploy your_project --env-vars-file .env.yaml && \
        rm .env.yaml
        DOPPLER_TOKEN: ${{ secrets.YOUR_DOPPLER_TOKEN }}

Let me know if this is a workable solution for you.

Hey Marinho,

Just wanted to let you know that Google has updated the deploy-cloud-functions GitHub Action with a new env_vars_file optional field which expects vars in YAML format.

You just need to download the secrets from Doppler in YAML format using doppler secrets download --no-file --format yaml.

Let me know how you go and if this is a good solution for you.