The problem :
We are working in a team of 10 developers, we are building an API, we are using a lot of environment variables which varies from access keys to apis keys. As you know those variables are not gitable.
Each one has a .env file in his local laptop and we are sharing a global sample.env which is also on our Github.
Sometimes a dev may update his .env file and change his environment variables while working on a feature and forget to update the sample.env file or update the team with the new environment variable.
This leads to some frustrating and useless bug when the other developer is testing the feature. Sometimes you end spending 1 hour on a bug and then discover that it was due to outdated environment variables.
The question:
How do you keep the .env file secret but synchronized within the team so that each time we update the environment variable it's updated for every member of the team?
I was thinking about a secret gist file with auto-update when the .env file is updated by any team member.
How do you handle this scenario in your team?
Top comments (11)
Hey! My team and I have just launched Envault, the service which solves this exact problem!
We would love to hear your feedback! Thanks.
Damn sexy man, This is what I was looking for. But right when I land on the page, it feels like it would be awesome. Looking forward to testing it.
I will give it a try this weekend.
Does it support another language beside PHP?
Yeah, you ou can now use Envault to sync any .env file, with our new NPX CLI. Laravel, October CMS, Symfony, Ruby on Rails, JavaScript... you name it, if it uses a .env file, we can handle it. No extra installation is required, only Node.js on your computer.
how can I do this? I've tried several times, can you help me?
Hey there!
I'm the co-founder and CEO of Infisical; we're working on a simple, end-to-end encrypted solution to sync .env files β it takes 3 minutes to set up and enables devs to automatically pull and inject environment variables into their local processes by changing their start/dev scripts.
It also supports push/pull commands if you wish to keep using .env files :)
Check it out!
Wow, this product is absolutely awesome! :)
I wouldn't put the secrets on GitHub, even in a secret gist. Why not using a shared password manager account? Something like 1Password or LastPass
I found this repository here build recently, It solves this problem
Hey! My team had this issue so I decided to build a cloud based solution, it's in Alpha at the moment but updates are being made nightly.
vaultshare.io