Environment Configuration Spec
Applications should read configuration from environment variables, following the twelve-factor app methodology.
Required Variables
List every required variable in a committed .env.example file and set the real values in a gitignored .env file. Fail fast at startup if any required variable is missing.
Validation
Parse and validate all environment variables at application startup. Convert strings to the expected types (numbers, booleans, URLs). Use a schema validation library for complex configurations.
Secrets
Never log secret values. Never include them in error messages. Rotate secrets regularly. Use a secrets manager in production instead of environment variables when possible.
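An added example (not part of the original spec) that applies the Required Variables, Validation and Secrets rules above in Python: it refuses to start on missing or invalid variables, converts strings to typed values, and keeps raw values out of error messages and logs. The variable names, the SCHEMA table and the Secret and ConfigError classes are hypothetical, and hand-written parsers stand in for a schema validation library so the block is self-contained.

```python
import os
from urllib.parse import urlparse
class ConfigError(Exception):
    """Startup failure; the message names variables, never their values."""

class Secret:
    """Wraps a secret so that str(), repr() and log formatting hide it."""
    def __init__(self, value):
        self._value = value
    def reveal(self):
        return self._value
    def __repr__(self):  # object.__str__ falls back to this as well
        return "Secret(***)"

def parse_bool(raw):  # bool("false") is True, so map the accepted spellings
    return {"1": True, "true": True, "0": False, "false": False}[raw.strip().lower()]

def parse_port(raw):
    if not 1 <= (port := int(raw)) <= 65535:
        raise ValueError
    return port

def parse_url(raw):
    parts = urlparse(raw)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError
    return raw

# Hypothetical schema: name -> (parser, description of the expected value).
SCHEMA = {
    "PORT": (parse_port, "integer 1-65535"),
    "DEBUG": (parse_bool, "boolean"),
    "SERVICE_URL": (parse_url, "http(s) URL"),
    "API_KEY": (Secret, "secret"),
}

def load_config(environ=os.environ, schema=SCHEMA):
    config, problems = {}, []
    for name, (parse, expected) in schema.items():
        if not (raw := environ.get(name)):
            problems.append(f"{name}: missing or empty")
            continue
        try:
            config[name] = parse(raw)
        except (ValueError, KeyError):  # never echo raw: it may be a secret
            problems.append(f"{name}: invalid, expected {expected}")
    # Raised outside the except block, so no chained int()/KeyError message
    # (which would quote the raw value) ends up in the traceback.
    if problems:
        raise ConfigError("; ".join(problems))
    return config
```

Call load_config() once, before the application opens any listener or connection, and let ConfigError terminate the process.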