Environment Variables Overview
Modern applications rarely operate in a vacuum. They require tokens, database URLs, port bindings, and API keys. UniRTM treats Environment Variable management as a first-class citizen alongside tool versioning.
The Problem with Traditional .env
Traditionally, developers rely on utilities like dotenv, direnv, or hardcoded exports in .bashrc to manage environment variables. These approaches suffer from:
- Shell Dependency:
direnvrequires shell hooks. - Language Dependency:
dotenvrequires parsing libraries in every language (Node, Python, Go) you use in a monorepo. - Scoping Issues: Global exports pollute your system and can leak secrets to unrelated applications.
UniRTM's Solution: Contextual Environments
UniRTM dynamically injects environment variables right before executing a tool or a task. This means the environment variables are strictly scoped to the exact process being spawned.
Multi-Tier Resolution Strategy
UniRTM evaluates environment variables using a strict hierarchy (from highest to lowest precedence):
- CLI Overrides:
PORT=8080 unirtm run start - Task Specific Variables: Variables defined inside a specific
[tasks.start.env]block in.unirtm.toml. - Project Variables (
.unirtm.toml): Global variables defined in the[env]block of the project's.unirtm.toml. - Local Env Files (
.env): Standard.envfiles located in the project directory. - Global UniRTM Env: Variables defined in
~/.config/unirtm/config.toml. - System Environment: Inherited from the OS.
Example: The .unirtm.toml [env] Block
You can define variables natively inside your configuration file:
[env]
NODE_ENV = "development"
API_ENDPOINT = "https://api.staging.example.com"
# You can even use variable interpolation
DEBUG_URL = "${API_ENDPOINT}/debug"Supported Formats
UniRTM natively parses and evaluates:
- Standard
key=valueformats. - Quotes handling:
"value"and'value'. - Export syntax:
export KEY=value(theexportkeyword is safely ignored). - Bash-style parameter expansion:
${VAR:-default}.
Integration with Secrets Management
For production secrets or sensitive keys, committing them to .unirtm.toml or .env is a security risk. See the Secrets Management guide to learn how UniRTM integrates with tools like 1Password CLI, AWS Secrets Manager, and HashiCorp Vault to securely fetch secrets on-the-fly.
