There appear to be two redundant methods for accessing secrets in firebase functions, according to https://firebase.google.com/docs/functions/config-env?gen=2nd

From the docs:

@https_fn.on_request(secrets=["SECRET_NAME"])
def process_payment(req):
    myBillingService = initialize_billing(key=os.environ.get('SECRET_NAME'))

and that SECRET_NAME is available once you do firebase functions:secrets:set SECRET_NAME.

I've set a secret and confirmed it exists (tagged with "firebase-managed" in the console, available via firebase functions:secrets:access).

Yet, when I use os.getenv('SECRET_NAME') from within a firestore_fn that has the keyword argument secrets=['SECRET_NAME', the environment variable remains unset (i.e. the getenv returns None).

Beyond the confusion of having two apparently redundant methods for providing secret access in functions, the second of the two does not appear to work. Please let me know if I'm missing something.

Finally, the first method (using params.SecretParam) hasn't worked yet for me either. I wonder if the Firebase team or a more advanced user can advise?