Skip to main content

Environment Variables

The .env file is a simple text file that contains key-value pairs, where each line represents an environment variable. For example:

To hide secrets from a Git repository using an .env file, you can follow these steps:

  1. Create an .env file: In the root directory of your project, create a file named .env. This file will contain your secret environment variables.

  2. Add secrets to the .env file: Open the .env file in a text editor and add your secret environment variables in the following format:

DB_HOST=localhost
DB_PORT=5432
DB_USER=myuser
DB_PASSWORD=mypassword

to load environment variables from a .env file into the application's environment. Environment variables are typically used to store sensitive information or configuration values that can vary depending on the deployment environment (e.g., development, staging, production).

  1. Add .env to .gitignore: Create or open the .gitignore file in the root directory of your project. Add a line with .env to the file. This will tell Git to ignore the .env file and not include it in the repository.

Remember to be cautious with your secret values and avoid hardcoding them in your code or sharing them publicly. Additionally, ensure that the .env file is not accidentally committed to the repository in any previous commits. If it has been committed, you'll need to remove it from the repository's history using Git commands like git filter-branch or git rebase before pushing the changes to a remote repository.

  1. Access secrets in your code: In your code, you can access the environment variables defined in the .env file. The exact method depends on the programming language or framework you are using. For example, in Python, you can use a package like python-dotenv to load the environment variables from the .env file.

  2. Safely share the code: After completing the above steps, you can safely share your code repository without exposing your secret values.

Secrets​

  • SSH Keys
  • certs
  • database passwords
  • database connection strings
  • signing tokens
  • encryption keys
  • third party tokens