☠️
smadi0x86 Playground
  • 💀Welcome to smadi0x86 Playground
    • 🍷Resources
    • 🚬Projects
    • 🎓Certifications
    • 📌Pinned
    • ❓Questions
    • 📞Contact
  • 🏞️Cloud Native
    • Docker
      • Quick Reference
      • Introduction
      • Containers
      • Images
      • Storage & Volumes
      • Security
      • Cheatsheet
    • Git
    • Serverless Framework
    • YAML
  • 🔨Software Engineering
    • System Design
    • Environment Variables
    • JSON Web Tokens
  • 👾Architecture
    • C Language
      • Introduction
      • Calling Conventions
      • GCC Compilation
      • Libraries & Linking
      • I/O
      • Files
      • Pointers
      • Dynamic Memory Allocation
      • Data Types
      • Strings Manipulation
      • Bit Manipulation
      • Pre-processors
      • Macros
      • Type Qualifiers
    • C/C++ Build Systems
      • Fundamentals for Linking
      • Symbolic Linking
      • Cross-Platform Compilation
      • CMake for Building and Linking
      • Shared Libraries
      • Dynamic Linking and Dependency Management
    • Operating Systems
      • OS & Architecture
      • Processes
      • CPU Scheduling
      • Memory Management
  • 🛩️Cyber Warfare
    • Flight Physics
    • Communication
      • PWM & PPM
      • MAVLink
  • 🏴‍☠️Offensive Security
    • Active Directory
      • Introduction
    • Web Attacks
      • Server Side
        • OS Command Injection
        • Information Disclosure
        • Directory Traversal
        • Business Logic
        • Authentication
        • File Upload
        • SSRF
      • Client Side
        • CSRF
        • XSS
    • Recon
      • Active
        • Host discovery
        • Nmap
        • Mass Scan
      • Passive
        • Metadata
      • Web Applications
        • Discovery
        • Subdomains & Directories
        • SSL Certs
        • CMS
        • WAF Detection
      • Firewall Evasion
  • Binary Exploitation
    • Stack Smashing
      • x86
      • x86_64
    • pwntools
      • Processes and Communication
      • Logging and Context
      • Cyclic
      • Packing
      • ELF
      • ROP
  • 😈Advanced Persistent Threat
    • C2
      • Sliver
    • Malware
      • Windows Internals
        • PEB
      • Academy
        • Basics
      • Sektor7
        • Essentials
  • 💌Certifications
    • AWS Certified Cloud Practitioner (CLF-C01)
      • Cloud Foundations
      • Domain 1: Cloud Concepts
      • Domain 2: Security and Compliance
      • Domain 3: Technology
      • Domain 4: Billing and Pricing
    • AWS Certified Solutions Architect - Associate (SAA-C03)
      • Foundation
    • Certified Kubernetes Administrator (CKA)
      • Core Concepts
      • Scheduling
      • Logging & Monitoring
      • Application Lifecycle Management
      • Cluster Maintenance
      • Security
      • Storage
      • Networking
      • Design Kubernetes Cluster
      • Kubernetes The Kubeadm Way
      • Troubleshooting
      • JSONPATH
      • Lightning Lab
      • Mock Exams
      • Killer Shell
    • Certified Kubernetes Security (CKS)
      • Foundation
      • Cluster Setup
      • Cluster Hardening
      • Supply Chain Security
      • Runtime Security
      • System Hardening
      • Killer Shell
    • (KGAC-101) Kong Gateway Foundations
      • Introduction to APIs and API Management
      • Introduction to Kong Gateway
      • Getting Started with Kong Enterprise
      • Getting Started with Kong Konnect
      • Introduction to Kong Plugins
  • 📜Blog Posts
    • Modern Solutions For Preventing Ransomware Attacks
Powered by GitBook
On this page
  • What are Environment Variables
  • Setting Environment Variables
  • On Your Local Development Machine
  • Reading Environment Variables in Code
  • Using .env Files for Local Development
  • Environment Variables in Production
  • Best Practices
  1. Software Engineering

Environment Variables

Environment variables keep secrets out of your code, and have different settings for different stages of your application (like development, testing, and production).

What are Environment Variables

Environment variables are key-value pairs stored outside of your application's configuration that can affect how it runs.

They're often used for:

  • Configuring different environments (development, production, etc.).

  • Storing secrets, like API keys, which should not be hard-coded or stored in the source code.

  • Parameterizing settings so that they can be changed without altering the application's code.

Setting Environment Variables

On Your Local Development Machine

Windows (Command Prompt):

set MY_VARIABLE=my_value

Windows (PowerShell):

$env:MY_VARIABLE = "my_value"

Linux/macOS:

export MY_VARIABLE=my_value

Reading Environment Variables in Code

Python:

import os
my_variable = os.environ.get('MY_VARIABLE')

Node.js:

const myVariable = process.env.MY_VARIABLE;

Using .env Files for Local Development

For local development, instead of setting variables in the command line every time, you can use .env files.

Tools like dotenv for Node.js and python-decouple for Python allow you to load environment variables from .env files into your application.

Example .env file:

DATABASE_URL=postgres://user:password@localhost:5432/mydatabase
SECRET_KEY=mysecretkey
DEBUG=True

Environment Variables in Production

In production, environment variables can be set:

  • Directly on the server: Use the methods mentioned above.

  • Using a platform's dashboard: Platforms like Heroku or AWS Elastic Beanstalk allow you to set environment variables via their dashboard.

  • Container Orchestration Systems: Systems like Kubernetes allow you to set environment variables for your containers in your deployment configurations.

Best Practices

  1. Don't Commit Secrets: Never commit secrets (API keys, database passwords, etc.) to version control. Instead, use environment variables.

  2. Use .env files for Local Development Only: .env files are great for local development but shouldn't be used in production settings. Instead, set environment variables directly on your production servers or through your orchestration tool.

  3. Have Clear Documentation: If you're working on a team, ensure everyone knows what environment variables are required for the application to run and what they're used for.

Some environment variables can be set as key-value in softwares such as gitlab & when you push code it automatically identifies these variables

PreviousSystem DesignNextJSON Web Tokens

Last updated 1 year ago

🔨
Page cover image