syncEnvVars working with branches

Author: matt-aitken

apps/webapp/app/routes/api.v1.projects.$projectRef.envvars.$slug.import.ts

@@ -5,6 +5,7 @@ import { z } from "zod";
 import {
   authenticateProjectApiKeyOrPersonalAccessToken,
   authenticatedEnvironmentForAuthentication,
+  branchNameFromRequest,
 } from "~/services/apiAuth.server";
 import { EnvironmentVariablesRepository } from "~/v3/environmentVariables/environmentVariablesRepository.server";
 
@@ -29,7 +30,8 @@ export async function action({ params, request }: ActionFunctionArgs) {
   const environment = await authenticatedEnvironmentForAuthentication(
     authenticationResult,
     parsedParams.data.projectRef,
-    parsedParams.data.slug
+    parsedParams.data.slug,
+    branchNameFromRequest(request)
   );
 
   const repository = new EnvironmentVariablesRepository();

apps/webapp/app/services/apiAuth.server.ts

@@ -17,6 +17,7 @@ import {
   isPersonalAccessToken,
 } from "./personalAccessToken.server";
 import { isPublicJWT, validatePublicJwtKey } from "./realtime/jwtAuth.server";
+import { sanitizeBranchName } from "./upsertBranch.server";
 
 const ClaimsSchema = z.object({
   scopes: z.array(z.string()).optional(),
@@ -261,14 +262,18 @@ function isSecretApiKey(key: string) {
   return key.startsWith("tr_");
 }
 
+export function branchNameFromRequest(request: Request): string | undefined {
+  return request.headers.get("x-trigger-branch") ?? undefined;
+}
+
 function getApiKeyFromRequest(request: Request): {
   apiKey: string | undefined;
   branchName: string | undefined;
 } {
   const apiKey = getApiKeyFromHeader(request.headers.get("Authorization"));
-  const branchHeaderValue = request.headers.get("x-trigger-branch");
+  const branchName = branchNameFromRequest(request);
 
-  return { apiKey, branchName: branchHeaderValue ? branchHeaderValue : undefined };
+  return { apiKey, branchName };
 }
 
 function getApiKeyFromHeader(authorization?: string | null) {
@@ -340,7 +345,8 @@ export async function authenticateProjectApiKeyOrPersonalAccessToken(
 export async function authenticatedEnvironmentForAuthentication(
   auth: DualAuthenticationResult,
   projectRef: string,
-  slug: string
+  slug: string,
+  branch?: string
 ): Promise<AuthenticatedEnvironment> {
   if (slug === "staging") {
     slug = "stg";
@@ -362,7 +368,7 @@ export async function authenticatedEnvironmentForAuthentication(
         );
       }
 
-      if (auth.result.environment.slug !== slug) {
+      if (auth.result.environment.slug !== slug && auth.result.environment.branchName !== branch) {
         throw json(
           {
             error:
@@ -391,22 +397,53 @@ export async function authenticatedEnvironmentForAuthentication(
         throw json({ error: "Project not found" }, { status: 404 });
       }
 
+      if (!branch) {
+        const environment = await prisma.runtimeEnvironment.findFirst({
+          where: {
+            projectId: project.id,
+            slug: slug,
+          },
+          include: {
+            project: true,
+            organization: true,
+          },
+        });
+
+        if (!environment) {
+          throw json({ error: "Environment not found" }, { status: 404 });
+        }
+
+        return environment;
+      }
+
       const environment = await prisma.runtimeEnvironment.findFirst({
         where: {
           projectId: project.id,
           slug: slug,
+          branchName: sanitizeBranchName(branch),
+          archivedAt: null,
         },
         include: {
           project: true,
           organization: true,
+          parentEnvironment: true,
         },
       });
 
       if (!environment) {
-        throw json({ error: "Environment not found" }, { status: 404 });
+        throw json({ error: "Branch not found" }, { status: 404 });
+      }
+
+      if (!environment.parentEnvironment) {
+        throw json({ error: "Branch not associated with a preview environment" }, { status: 400 });
       }
 
-      return environment;
+      return {
+        ...environment,
+        apiKey: environment.parentEnvironment.apiKey,
+        organization: environment.organization,
+        project: environment.project,
+      };
     }
   }
 }

packages/build/src/extensions/core/syncEnvVars.ts

@@ -11,6 +11,7 @@ export type SyncEnvVarsResult =
 export type SyncEnvVarsParams = {
   projectRef: string;
   environment: string;
+  branch?: string;
   env: Record<string, string>;
 };
 
@@ -85,6 +86,7 @@ export function syncEnvVars(fn: SyncEnvVarsFunction, options?: SyncEnvVarsOption
         fn,
         manifest.deploy.env ?? {},
         manifest.environment,
+        manifest.branch,
         context
       );
 
@@ -138,6 +140,7 @@ async function callSyncEnvVarsFn(
   syncEnvVarsFn: SyncEnvVarsFunction | undefined,
   env: Record<string, string>,
   environment: string,
+  branch: string | undefined,
   context: BuildContext
 ): Promise<Record<string, string> | undefined> {
   if (syncEnvVarsFn && typeof syncEnvVarsFn === "function") {
@@ -149,6 +152,7 @@ async function callSyncEnvVarsFn(
         projectRef: context.config.project,
         environment,
         env,
+        branch,
       });
     } catch (error) {
       context.logger.warn("Error calling syncEnvVars function", error);

packages/cli-v3/src/build/buildWorker.ts

@@ -28,6 +28,7 @@ export type BuildWorkerOptions = {
   destination: string;
   target: BuildTarget;
   environment: string;
+  branch?: string;
   resolvedConfig: ResolvedConfig;
   listener?: BuildWorkerEventListener;
   envVars?: Record<string, string>;
@@ -75,6 +76,7 @@ export async function buildWorker(options: BuildWorkerOptions) {
     destination: options.destination,
     resolvedConfig,
     environment: options.environment,
+    branch: options.branch,
     target: options.target,
     envVars: options.envVars,
   });

packages/cli-v3/src/build/bundle.ts

@@ -339,6 +339,7 @@ export async function createBuildManifestFromBundle({
   resolvedConfig,
   workerDir,
   environment,
+  branch,
   target,
   envVars,
   sdkVersion,
@@ -348,6 +349,7 @@ export async function createBuildManifestFromBundle({
   resolvedConfig: ResolvedConfig;
   workerDir?: string;
   environment: string;
+  branch?: string;
   target: BuildTarget;
   envVars?: Record<string, string>;
   sdkVersion?: string;
@@ -356,6 +358,7 @@ export async function createBuildManifestFromBundle({
     contentHash: bundle.contentHash,
     runtime: resolvedConfig.runtime ?? DEFAULT_RUNTIME,
     environment: environment,
+    branch,
     packageVersion: sdkVersion ?? CORE_VERSION,
     cliPackageVersion: VERSION,
     target: target,

packages/cli-v3/src/commands/deploy.ts

@@ -277,6 +277,7 @@ async function _deployCommand(dir: string, options: DeployCommandOptions) {
   const buildManifest = await buildWorker({
     target: "deploy",
     environment: options.env,
+    branch,
     destination: destination.path,
     resolvedConfig,
     rewritePaths: true,

packages/cli-v3/src/commands/workers/build.ts

@@ -210,6 +210,7 @@ async function _workerBuildCommand(dir: string, options: WorkersBuildCommandOpti
   const buildManifest = await buildWorker({
     target: "unmanaged",
     environment: options.env,
+    branch,
     destination: destination.path,
     resolvedConfig,
     rewritePaths: true,

packages/core/src/v3/schemas/build.ts

@@ -24,6 +24,7 @@ export const BuildManifest = z.object({
   contentHash: z.string(),
   runtime: BuildRuntime,
   environment: z.string(),
+  branch: z.string().optional(),
   config: ConfigManifest,
   files: z.array(TaskFile),
   sources: z.record(

pnpm-lock.yaml

@@ -6,6 +6,7 @@
     "trigger.dev": "workspace:*"
   },
   "dependencies": {
+    "@trigger.dev/build": "workspace:*",
     "@trigger.dev/sdk": "workspace:*",
     "openai": "^4.97.0",
     "replicate": "^1.0.1",
@@ -15,4 +16,4 @@
     "dev": "trigger dev",
     "deploy": "trigger deploy"
   }
-}
+}