[🐛 Bug]: Inconsistent(unexpect) behavior: Only encrypted variables accessible in Next.js on Cloudflare Pages

[tomasen]

next-on-pages environment related information

System:
Platform: linux
Arch: x64
Version: #213-Ubuntu SMP Fri Aug 2 19:14:16 UTC 2024
CPU: (4) x64 Intel(R) Core(TM) i5-6500T CPU @ 2.50GHz
Memory: 8 GB
Shell: /bin/bash
Package Manager Used: npm (10.7.0)

Relevant Packages:
@cloudflare/next-on-pages: 1.13.2
vercel: 37.2.1
next: 14.2.5

Description

Description

When deploying a Next.js application on Cloudflare Pages, I've noticed an inconsistency in how environment variables are accessed. Only encrypted variables are accessible at runtime, while plaintext variables set in the Cloudflare Pages dashboard are not available in the runtime environment.

Expected Behavior

All environment variables set in the Cloudflare Pages dashboard (both plaintext and encrypted) should be accessible in server-side code (server actions, API routes) when the application is running on Cloudflare Pages. Or, it should be documented if otherwise.

Actual Behavior

Only encrypted variables are accessible. Plaintext variables do not appear to be available in the runtime environment.

Steps to Reproduce

1. Set up a Next.js project with @cloudflare/next-on-pages
2. In the Cloudflare Pages dashboard, set both plaintext and encrypted environment variables
3. Deploy the application to Cloudflare Pages
4. Attempt to access these variables in a server action or API route

Reproduction

Code Example 1

import { getRequestContext } from '@cloudflare/next-on-pages';

export async function myServerAction() {
  const ctx = getRequestContext();
  const env = ctx.env;
  
  console.log(env.ENCRYPTED_VARIABLE); // This works
  console.log(env.PLAINTEXT_VARIABLE); // This is undefined
}

Code Example 2

export async function myServerAction() {
  const env = (globalThis as any).process?.env;
  
  console.log(env.ENCRYPTED_VARIABLE); // This works
  console.log(env.PLAINTEXT_VARIABLE); // This is undefined
}

### Pages Deployment Method

Pages CI (GitHub/GitLab integration)

### Pages Deployment ID

_No response_

### Additional Information

_No response_

### Would you like to help?

- [ ] Would you like to help fixing this bug?

[tadhglewis]

Okay so this is weird.. I ran into this same issue however re-deploying seemed to fix it. I am currently using plaintext variables from the wrangler.toml.

It's definitely odd though and seems like there's some race condition where on first deploy, it runs the pipeline before plaintext secrets are uploaded

[zshannon]

There's something weird going on with variables & secrets for sure. I've also hit this plaintext values not present bug and there seems to be another one with encrypted values depending on if the build happens at CF or in a Github Action. (FWIW I don't have any envvars declared in wrangler.toml and as part of my debugging process I have duplicated all my envvars into Github Action secrets and exposed them as envvars at build time; doesn't affect if they're present at runtime, issue is with Pages runtime or next-on-pages)