Skip to content

fix(env-vars): refactor for workspace/personal env vars to work with server side execution correctly#2197

Merged
icecrasher321 merged 13 commits intostagingfrom
fix/env-vars-new-exec
Dec 5, 2025
Merged

fix(env-vars): refactor for workspace/personal env vars to work with server side execution correctly#2197
icecrasher321 merged 13 commits intostagingfrom
fix/env-vars-new-exec

Conversation

@icecrasher321
Copy link
Copy Markdown
Collaborator

@icecrasher321 icecrasher321 commented Dec 4, 2025

Summary

Personal Env Vars -- used for manual / chat client side executions always. OR from workflow owner for execution triggers where caller is not known.

Workspace Env Vars -- used to share env vars across workspace [read only] take precedence over personal

UI supports adding workspace env vars directly now not only through promotion.

Type of Change

  • Bug fix

Testing

Tested manually with @Sg312 and @aadamgough

Checklist

  • Code follows project style guidelines
  • Self-reviewed my changes
  • Tests added/updated and passing
  • No new warnings introduced
  • I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

@vercel
Copy link
Copy Markdown

vercel bot commented Dec 4, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment
Project Deployment Preview Comments Updated (UTC)
docs Skipped Skipped Dec 5, 2025 5:04am

@greptile-apps
Copy link
Copy Markdown
Contributor

greptile-apps bot commented Dec 4, 2025

Greptile Overview

Greptile Summary

This PR refactors environment variable handling to properly distinguish between personal and workspace environment variables for different execution contexts. The changes implement a new precedence hierarchy where workspace environment variables (shared across teams, read-only) take precedence over personal environment variables (user-specific, private).

For execution context determination: client-side executions (manual/chat) use the session user's personal environment variables, while server-side executions (API triggers, webhooks, schedules) use workspace variables with the workflow owner's personal variables as fallback when the caller is unknown. The refactoring introduces isClientSession and sessionUserId metadata fields throughout the execution pipeline to properly track execution context.

The ExecutionSnapshot class was simplified by removing environment variables from its constructor and serialization, moving variable resolution to execution-time rather than snapshot-creation time. The UI was enhanced to support direct creation of workspace variables (not just promotion from personal variables) with improved conflict detection and validation between the two scopes.

Important Files Changed

Filename Score Overview
apps/sim/executor/execution/snapshot.ts 4/5 Removed environment variables from ExecutionSnapshot constructor and serialization, replaced with empty getter
apps/sim/lib/workflows/executor/execution-core.ts 5/5 Core execution logic refactored to determine correct user for personal env vars and merge with workspace vars
apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components-new/settings-modal/components/environment/environment.tsx 3/5 Major UI refactor separating personal and workspace variable management with conflict detection
apps/sim/app/api/workflows/[id]/execute/route.ts 4/5 Added isClientSession and sessionUserId fields to execution metadata for proper context tracking
apps/sim/background/workflow-execution.ts 4/5 Added isClientSession: false flag to distinguish server-side execution context
apps/sim/background/webhook-execution.ts 5/5 Simplified constructor calls and added isClientSession flag for webhook executions
apps/sim/background/schedule-execution.ts 4/5 Fixed personal env var resolution to use workflow owner's vars instead of caller's for scheduled executions
apps/sim/lib/workflows/executor/human-in-the-loop-manager.ts 4/5 Removed environment variables parameter from ExecutionSnapshot constructor in resume logic
apps/sim/executor/execution/snapshot-serializer.ts 4/5 Refactored metadata access and removed environment variables from snapshot serialization
apps/sim/app/workspace/[workspaceId]/w/[workflowId]/utils/workflow-execution-utils.ts 4/5 Added isClientSession: true flag for client-initiated workflow executions
apps/sim/package.json 5/5 Updated Trigger.dev SDK from 4.0.4 to 4.1.2 for compatibility with environment variable changes

Confidence score: 4/5

  • This PR addresses a critical issue with environment variable handling across different execution contexts with well-structured changes
  • Score reflects solid architectural improvements but potential issues with UI hydration stability and complex refactoring scope
  • Pay close attention to the environment variables UI component which uses Math.random() causing potential hydration mismatches

Sequence Diagram

sequenceDiagram
    participant User
    participant NextRequest as "/api/workflows/[id]/execute"
    participant Auth as "checkHybridAuth"
    participant PreProcess as "preprocessExecution"
    participant WorkflowLoader as "loadDeployedWorkflowState"
    participant EnvUtils as "getPersonalAndWorkspaceEnv"
    participant FileProcessor as "processInputFileFields"
    participant ExecutionCore as "executeWorkflowCore"
    participant LoggingSession as "LoggingSession"
    participant PauseManager as "PauseResumeManager"
    participant AsyncTasks as "tasks.trigger"

    User->>NextRequest: "POST /api/workflows/[id]/execute"
    NextRequest->>Auth: "checkHybridAuth(req)"
    Auth-->>NextRequest: "{ success: true, userId, authType }"
    
    NextRequest->>PreProcess: "preprocessExecution({ workflowId, userId, triggerType })"
    PreProcess-->>NextRequest: "{ success: true, actorUserId, workflowRecord }"
    
    alt isAsyncMode
        NextRequest->>AsyncTasks: "tasks.trigger('workflow-execution', payload)"
        AsyncTasks-->>NextRequest: "{ jobId, statusUrl }"
        NextRequest-->>User: "202 Accepted { async: true, jobId }"
    else Synchronous/SSE Execution
        NextRequest->>WorkflowLoader: "loadDeployedWorkflowState(workflowId)"
        WorkflowLoader-->>NextRequest: "{ blocks, edges, loops, parallels }"
        
        NextRequest->>EnvUtils: "getPersonalAndWorkspaceEnv(userId, workspaceId)"
        EnvUtils-->>NextRequest: "{ personalEncrypted, workspaceEncrypted }"
        
        NextRequest->>FileProcessor: "processInputFileFields(input, blocks, context)"
        FileProcessor-->>NextRequest: "processedInput"
        
        NextRequest->>LoggingSession: "new LoggingSession(workflowId, executionId, triggerType)"
        LoggingSession-->>NextRequest: "loggingSession"
        
        NextRequest->>ExecutionCore: "executeWorkflowCore({ snapshot, callbacks, loggingSession })"
        ExecutionCore->>LoggingSession: "safeStart({ userId, workspaceId, variables })"
        ExecutionCore->>ExecutionCore: "Execute workflow blocks"
        
        alt Execution Paused
            ExecutionCore->>PauseManager: "persistPauseResult({ workflowId, executionId, pausePoints })"
            PauseManager-->>ExecutionCore: "Pause data persisted"
        else Execution Completed
            ExecutionCore->>PauseManager: "processQueuedResumes(executionId)"
            PauseManager-->>ExecutionCore: "Queued resumes processed"
        end
        
        ExecutionCore->>LoggingSession: "safeComplete({ finalOutput, traceSpans })"
        ExecutionCore-->>NextRequest: "ExecutionResult"
        
        alt enableSSE
            NextRequest-->>User: "SSE Stream with execution events"
        else Direct JSON Response
            NextRequest-->>User: "200 JSON { success, output, metadata }"
        end
    end
Loading

greptile-apps[bot]
greptile-apps bot reviewed Dec 4, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

11 files reviewed, 5 comments

Edit Code Review Agent Settings | Greptile

@icecrasher321 icecrasher321 mentioned this pull request Dec 4, 2025
Closed
10 tasks
@icecrasher321 icecrasher321 merged commit 8ef9a45 into staging Dec 5, 2025
9 checks passed
This was referenced Dec 5, 2025
Merged
Merged
@waleedlatif1 waleedlatif1 deleted the fix/env-vars-new-exec branch December 7, 2025 02:16
@waleedlatif1 waleedlatif1 mentioned this pull request Apr 4, 2026
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@icecrasher321