I have added the gatsby guess-js plugin, and have configured the jwt option. I have the pem key in .env.development, wrapped with quotes (the build fails without), which works fine on local builds.
However, when I try to deploy to Netlify the build fails, with the pem set as an environment variable - both with and without quotes. It fails with the error: Error: error:0906D06C:PEM routines:PEM_read_bio:no start line.
Can anyone help with this?
Hi @travisreynolds can you share the site youāre testing this on? Also if you log the environment variable, do you see what you are expecting?
Hello @futuregerald -Yes, I can log the variable at build time.
@travisreynolds @futuregerald Any update here? Iām having this same issue attempting to communicate with the Github API as a Github App from Netlify Functions. Is it possible to use a PEM as an environment variable through the Netlify UI? Hereās my use case:
Iām using Githubās @octokit/app node package to create a JWT as follows:
const APP_ID = process.env.GITHUB_APP_ID; const PRIVATE_KEY = process.env.GITHUB_PRIVATE_KEY;
const app = new App({ id: APP_ID, privateKey: PRIVATE_KEY }); const jwt = app.getSignedJsonWebToken();
When I log the env variable, I do see exactly what I entered in the Netlify UI. Is there special formatting necessary for a multi-line variable?
Hi @karlshaver, you shouldnāt need a special setting for a multi-line variable. Are you using \n?
@travisreynolds is ANALYTICS_SERVICE_ACCOUNT_KEY the environment variable name? Did you try adding newlines to it?
Yep, I have tried replacing newlines with \n
Yes, that is the env -And yes, like @karlshaver I originally added it with \n (as it was generated), and have this issue either way.
Hi,
Can you try BASE64 encoding the PEM key and storing the encoded version in an en var, then decoding it in your JS and using it that way? This may help getting around possible encoding problems.
Ah, good idea - That works perfectly, thanks @futuregerald!
Hi @futuregerald I was having the same problem, apparently my key was too big to be stored in an env variable. Then I followed your advice and base64 encoded it
Now Iām receiving an āinvalid grantā error from the auth server the key is supposed to authenticate to
The thing is, the same code works fine in local dev.
So, encoding the key works fine in local dev and the function authenticates, but in production it doesnāt
Any chance I should use a different encoding method?
Iāll post my encoding code here, in case it helps. The object I created has a āprivate_keyā property, see below
'private_key': Buffer.from(process.env.PRIVATE_KEY, 'base64').toString('ascii')
Iāll also add a console.log of the key, comparing production vs development. It looks the same. This is development
I would appreciate any help! Thanks in advance!
Looks identical to me from your screenshots. I canāt really explain what is happening on your other service. Perhaps you can ask them for help in seeing what is received, to see what is different?
I solved my problem, this debug tool was really important in the process, so Iād like to share it here
