Skip to content

Implement layered environment configuration system#254

Merged
jaypatrick merged 13 commits intomasterfrom
feature/env-configuration
Feb 3, 2026
Merged

Implement layered environment configuration system#254
jaypatrick merged 13 commits intomasterfrom
feature/env-configuration

Conversation

@jaypatrick
Copy link
Owner

@jaypatrick jaypatrick commented Feb 3, 2026
edited
Loading

Overview

This PR implements a layered environment configuration system using .envrc and direnv for automatic environment management based on git branches, with full GitHub Actions integration.

Changes

Environment File Structure

  • .env - Base configuration shared across all environments (committed)
    • Non-sensitive defaults: PORT, COMPILER_VERSION, DENO_DIR
  • .env.development - Development-specific configuration (committed)
    • Local SQLite database
    • Cloudflare Turnstile test keys (always passes)
  • .env.production - Production configuration with placeholders (committed)
    • Template values only, actual secrets go in .env.local
  • .env.local - Local overrides and secrets (NOT committed)
    • All API keys, database credentials, and sensitive data
  • .env.example - Updated template with full documentation
  • .envrc - Environment loading logic (committed)
    • Automatic branch-to-environment mapping
    • Loads layered configuration files

Loading Order

Environment variables are loaded in this order (later overrides earlier):

  1. .env (base)
  2. .env.$ENV (environment-specific)
  3. .env.local (local overrides/secrets)

Branch-to-Environment Mapping

The .envrc automatically determines environment from git branch:

  • main/masterproduction
  • dev/developdevelopment
  • Other branches → local

Wrangler Integration

  • Updated wrangler.toml with environment-specific configurations
  • Added [env.development] and [env.production] sections
  • Environment variables loaded automatically during local dev
  • Production secrets managed via wrangler secret put

GitHub Actions Integration

  • Composite Action (.github/actions/setup-env)
    • Reusable action that mimics .envrc behavior
    • Automatically detects environment from branch
    • Loads .env and .env.$ENV files into workflow
    • Provides environment as output for conditional logic
  • Updated CI Workflow
    • Added environment loading to test job
    • Added environment loading to deploy job
    • Variables automatically available to all workflow steps
  • Comprehensive Documentation (.github/ENV_SETUP.md)
    • Usage examples and best practices
    • Security guidelines for production secrets
    • Debugging tips

Documentation

  • Created .env.README.md with comprehensive setup instructions
  • Created .github/ENV_SETUP.md for GitHub Actions usage
  • Includes troubleshooting guide and security best practices
  • Documents all available environment variables

Security Improvements

  • Updated .gitignore to allow base config files while keeping secrets ignored
  • Clear separation between committed config and local secrets
  • Test keys for development, placeholders for production
  • .envrc committed (contains no secrets, only loading logic)
  • .env.local never committed (contains all secrets)

Testing

  • ✅ Environment loads correctly on dev branch (development)
  • ✅ Variables properly layered from base → env-specific → local
  • ✅ Secrets remain in .env.local (not committed)
  • ✅ GitHub Actions integration works with branch detection
  • .envrc properly committed and loadable

Local Setup

# 1. Enable direnv (one-time setup)
brew install direnv
echo 'eval "$(direnv hook zsh)"' >> ~/.zshrc
source ~/.zshrc

# 2. Allow the .envrc file
direnv allow

# 3. Create your local secrets file
cp .env.example .env.local
# Edit .env.local with your actual secrets

# 4. Verify environment
echo $COMPILER_VERSION

GitHub Actions Usage

steps:
  - uses: actions/checkout@v4
  
  - name: Load environment variables
    uses: ./.github/actions/setup-env
  
  - name: Use variables
    run: echo "Version: $COMPILER_VERSION"

Wrangler Usage

# Local development (uses .env.local automatically)
wrangler dev

# Deploy to environments
wrangler deploy --env development
wrangler deploy --env production

Co-Authored-By: Warp agent@warp.dev

@jaypatrick @warp-agent
Implement layered environment configuration system
ee4cfc9 
- Add layered .env file structure (.env, .env.development, .env.production)
- Environment automatically selected based on git branch via .envrc
- Base config in .env (no secrets)
- Development config with test Turnstile keys
- Production config with placeholders
- All secrets moved to .env.local (not committed)
- Update wrangler.toml with environment-specific configurations
- Add comprehensive documentation in .env.README.md
- Update .gitignore to allow base config files while keeping secrets ignored

Loading order: .env → .env.$ENV → .env.local
Branch mapping: dev/develop → development, main/master → production

Co-Authored-By: Warp <agent@warp.dev>
@cloudflare-workers-and-pages
Copy link

cloudflare-workers-and-pages bot commented Feb 3, 2026
edited
Loading

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
✅ Deployment successful!
View logs		 adblock-compiler 36bd709 Feb 03 2026, 09:16 PM

jaypatrick and others added 2 commits February 3, 2026 15:40
@jaypatrick @warp-agent
Add GitHub Actions integration for environment configuration
764ef73 
- Create reusable composite action .github/actions/setup-env
- Automatically detects environment from branch name (same logic as .envrc)
- Loads .env and .env.$ENV files into workflow environment
- Update CI workflow to use environment loading action
- Add comprehensive documentation in .github/ENV_SETUP.md
- Include GitHub Actions quickstart in .env.README.md

The setup-env action provides:
- Branch to environment mapping (main/master → production, dev/develop → development)
- Automatic loading of layered .env files
- Environment output for conditional workflow logic
- Verification step to confirm variables loaded

Co-Authored-By: Warp <agent@warp.dev>
@jaypatrick @warp-agent
Allow .envrc to be committed to repository
ecfacc3 
- Remove .envrc from .gitignore
- .envrc contains the environment loading logic needed for local development
- No secrets in .envrc - all secrets remain in .env.local (still ignored)

Co-Authored-By: Warp <agent@warp.dev>
@jaypatrick jaypatrick requested a review from Copilot February 3, 2026 20:43
@jaypatrick jaypatrick self-assigned this Feb 3, 2026
@jaypatrick jaypatrick added documentation Improvements or additions to documentation enhancement New feature or request labels Feb 3, 2026
@jaypatrick @warp-agent
Remove obsolete worker/.envrc file
33f3624 
The root .envrc now handles all environment loading with proper
layered configuration. The worker/.envrc is no longer needed and
contained outdated hardcoded values.

Co-Authored-By: Warp <agent@warp.dev>
@jaypatrick
Copy link
Owner Author

jaypatrick commented Feb 3, 2026

@copilot fix the CI errors

Copilot AI mentioned this pull request Feb 3, 2026
Merged
4 tasks
Copy link
Contributor

Copilot AI commented Feb 3, 2026

@jaypatrick I've opened a new pull request, #255, to work on those changes. Once the pull request is ready, I'll request review from you.

@jaypatrick
Fix GitHub Actions environment loading to filter comments and empty l…
ef742ac 
…ines

Co-authored-by: jaypatrick <1800595+jaypatrick@users.noreply.github.com>
Copilot AI reviewed Feb 3, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Implements a layered environment configuration approach for local development and CI by introducing committed base/env-specific .env files, a direnv-driven .envrc, and a reusable GitHub Actions composite action to load environment variables based on the branch.

Changes:

  • Added committed .env / .env.development / .env.production plus updated .env.example and new .env.README.md to document the layered configuration approach.
  • Added .envrc for automatic branch-to-environment mapping and layered env loading via direnv.
  • Added a composite action (.github/actions/setup-env) and wired it into CI to load env vars in GitHub Actions; updated wrangler.toml env sections.

Reviewed changes

Copilot reviewed 11 out of 12 changed files in this pull request and generated 11 comments.

Show a summary per file
File Description
wrangler.toml Adds env-specific sections and adjusts variable management; updates Hyperdrive local connection config.
.gitignore Stops ignoring committed base env files while keeping local secrets ignored.
.github/workflows/ci.yml Loads environment variables in CI jobs via the new composite action.
.github/actions/setup-env/action.yml Composite action to detect environment from branch and load .env files into $GITHUB_ENV.
.github/ENV_SETUP.md Documentation for using the composite action in workflows.
.envrc direnv-based loader implementing branch-to-environment mapping and layered env loading.
.env Base committed env defaults intended to be shared across environments.
.env.development Development-specific env defaults (e.g., sqlite and Turnstile test keys).
.env.production Production env template/defaults intended for main/master.
.env.example Expanded template documenting available variables and setup.
.env.README.md Repository-level documentation for the layered environment system.

@jaypatrick
Merge pull request #255 from jaypatrick/copilot/sub-pr-254
85ee81a 
[WIP] Implement layered environment configuration system
@jaypatrick
Copy link
Owner Author

jaypatrick commented Feb 3, 2026

@copilot open a new pull request to apply changes based on the comments in this thread

Copilot AI mentioned this pull request Feb 3, 2026
Merged
Copy link
Contributor

Copilot AI commented Feb 3, 2026

@jaypatrick I've opened a new pull request, #256, to work on those changes. Once the pull request is ready, I'll request review from you.

Copilot AI and others added 2 commits February 3, 2026 21:01
@jaypatrick
Fix environment configuration issues from PR review
78cadd7 
- Fix GitHub Actions setup-env to properly parse dotenv files (strip quotes, handle comments)
- Update .envrc to use direnv's built-in dotenv loader instead of custom function
- Update .env COMPILER_VERSION from 0.8.3 to 0.11.4 to match deno.json
- Remove DENO_DIR from base .env (breaks GitHub Actions on /app/.deno path)
- Fix .env.production to use empty placeholders for Turnstile keys
- Update .env.production documentation to clarify wrangler secret usage
- Fix wrangler.toml localConnectionString to use real connection string template
- Update .github/ENV_SETUP.md branch mapping table to match actual behavior
- Fix .env.README.md to clarify .envrc should be committed
- Update deno.json dev task to remove --env=.envrc flag (now handled by direnv)

Co-authored-by: jaypatrick <1800595+jaypatrick@users.noreply.github.com>
@jaypatrick
Merge pull request #256 from jaypatrick/copilot/sub-pr-254
2512dab 
Fix environment configuration parsing and documentation issues
@jaypatrick
Copy link
Owner Author

jaypatrick commented Feb 3, 2026

@copilot fix the ci errors

Copilot AI mentioned this pull request Feb 3, 2026
Merged
Copy link
Contributor

Copilot AI commented Feb 3, 2026

@jaypatrick I've opened a new pull request, #257, to work on those changes. Once the pull request is ready, I'll request review from you.

Copilot AI and others added 2 commits February 3, 2026 21:08
@jaypatrick
Fix markdown formatting in .env.README.md
cb03b80 
Co-authored-by: jaypatrick <1800595+jaypatrick@users.noreply.github.com>
@jaypatrick
Merge pull request #257 from jaypatrick/copilot/sub-pr-254
36bd709 
Fix markdown formatting violations in .env.README.md
@jaypatrick jaypatrick merged commit 9c4472e into master Feb 3, 2026
12 checks passed
@jaypatrick jaypatrick deleted the feature/env-configuration branch February 3, 2026 21:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

@jaypatrick jaypatrick

Labels

documentation Improvements or additions to documentation enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jaypatrick