This week's tip of the week is Varlock, a schema-first way to manage your environment variables.
If you have ever had a deploy break because someone forgot to add an env var to CI, a value was malformed, or .env.example drifted out of sync with reality weeks ago, this one is for you.
Varlock gives you a single .env.schema file as the source of truth for your config. You define what is required, what type it should be, what the defaults are, and whether values are sensitive. Then validation runs before your app gets far enough to cause damage.
Here is what a schema looks like:
# @defaultSensitive=false @defaultRequired=infer @currentEnv=$APP_ENV
# ---
# @type=enum(development, preview, production, test)
APP_ENV=development
# @type=port
API_PORT=8080
# @type=url
API_URL=http://localhost:${API_PORT}
# @required
# TURSO_AUTH_TOKEN=And here is what happens when a required var is missing:
🚨 🚨 🚨 Configuration is currently invalid 🚨 🚨 🚨
Invalid items:
❓ TURSO_AUTH_TOKEN* 🔐sensitive
└ undefined
- Value is required but is currently empty
💥 Resolved config/env did not pass validation 💥Config failures become obvious early instead of showing up as mystery bugs in production.
Right now Varlock is focused on JavaScript and Vite-based projects, but other language support is in the works, including automatic type generation from your schema. Worth keeping an eye on if you are not in the JS ecosystem yet.
Want the full walkthrough? Check out my latest blog post, Stop Shipping Broken Env Config.
That's it! Short and sweet. Until the next one!
