fix(stac_cli): Update workflow to fix Missing required environment variable: STAC_BASE_API_URL.#465
Merged
divyanshub024 merged 4 commits intodevfrom Mar 4, 2026
Merged
Conversation
…ase builds by updating environment resolution and GitHub Actions compilation steps.
Contributor
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
📝 WalkthroughWalkthroughAdds compile-time environment variable resolution to the CLI config and updates the GitHub Actions release workflow to validate secrets, expose them as environment variables, and pass them to the Dart compiler as Changes
Sequence Diagram(s)sequenceDiagram
participant GH as GitHub Actions
participant Build as Dart Compiler (build)
participant Config as Env config
participant Runtime as Runtime env (Platform.environment)
GH->>GH: Validate required secrets (Linux/macOS & Windows)
GH->>Build: Export secrets as ENV vars\nPass `-Dkey=value` defines to compiler
Build->>Config: Compile-time: String.fromEnvironment reads -D defines
Runtime->>Config: Runtime env available via Platform.environment
Config->>Config: Resolve value: compile-time → runtime → default → error
Config-->>Build: Provide resolved config values (at runtime or compiled-in)
GH->>GH: Adjust release messaging based on tag existence
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Possibly related PRs
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.github/workflows/stac_cli_release.yml:
- Around line 88-92: Add explicit preflight checks that fail the job if any
required secret is empty before running the `dart compile` step; validate
STAC_BASE_API_URL, STAC_GOOGLE_CLIENT_ID, STAC_GOOGLE_CLIENT_SECRET, and
STAC_FIREBASE_API_KEY and abort with a clear error (echo + exit 1) when any
resolves to an empty string, and add the same guard in both OS paths that run
`dart compile` so the workflow cannot produce a broken binary.
In `@packages/stac_cli/lib/src/config/env.dart`:
- Around line 38-45: The _compiledEnvMap currently includes
STAC_GOOGLE_CLIENT_SECRET using String.fromEnvironment, which embeds the secret
into compiled binaries; remove STAC_GOOGLE_CLIENT_SECRET from _compiledEnvMap
and stop using String.fromEnvironment for that key, and instead load the secret
at runtime (e.g., via Platform.environment or the existing runtime env resolver)
or keep it server-side; update any code that reads _compiledEnvMap (references
to _compiledEnvMap or direct uses of STAC_GOOGLE_CLIENT_SECRET) to fetch the
secret through the runtime-only mechanism so it is not compiled into the binary.
ℹ️ Review info
Configuration used: defaults
Review profile: CHILL
Plan: Pro
⛔ Files ignored due to path filters (4)
examples/counter_example/pubspec.lockis excluded by!**/*.lockexamples/movie_app/pubspec.lockis excluded by!**/*.lockexamples/stac_gallery/pubspec.lockis excluded by!**/*.lockpackages/stac_cli/pubspec.lockis excluded by!**/*.lock
📒 Files selected for processing (4)
.github/workflows/stac_cli_release.ymlpackages/stac_cli/lib/src/config/env.dartpackages/stac_cli/lib/src/version.dartpackages/stac_cli/pubspec.yaml
…rkflow and pass them via environment variables for compilation.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Update workflow to fix Missing required environment variable: STAC_BASE_API_URL.
Summary by CodeRabbit
Chores
Bug Fixes