Hi,
I’m building a Python Function in Foundry that is intended to be triggered via an Ontology Action.
The function makes an outbound HTTP request to an external service (Cloudflare Worker) and needs to read an API key stored as a secret.
Setup:
- Foundry Code Repository using the Python Functions template
- Function defined with the @function decorator
- Secret stored on a generic Foundry Source created via the repo
- Secret accessed via get_source(…).get_secret(…)
- Function invoked via preview / test (and later via Ontology Action)
Example code (simplified):
from functions.api import function
from functions.sources import get_source
import requests
from typing import Optional
@function(sources=[“Cloudflarewhatsapp”])
def send_whatsapp_message(
to: str,
text: str,
phone_number_id: Optional[str] = None,
) → str:
src = get_source(“Cloudflarewhatsapp”)
api_key = src.get_secret(“SendAPI”)
resp = requests.post(
"https://<external-url>/send",
headers={"x-api-key": api_key},
json={"to": to, "text": text},
timeout=15,
)
return resp.text
Issue:
When I try to preview / execute the function, it fails immediately with:
PERMISSION_DENIED
Exports:ExportsWithoutMarkingsValidationNotEnabledForSource
The error occurs before any outbound request is made.
Questions:
- Is this the correct way to use secrets with Python Functions?
- Does the Source need exports / markings validation enabled for use in Functions preview? How to do that?
- Is there a recommended pattern for:
- storing an API key
- calling an external HTTP endpoint
- using that function from an Ontology Action?
Thanks!
