Environment Variables
Environment variables are injected into builds at build time. They are scoped per environment (production, preview, or all) and encrypted at rest with AES-256-GCM. Values are never returned by the API — only keys and metadata are visible.
Environment Scoping
Section titled “Environment Scoping”Each variable targets one of three environments:
| Environment | Applies To | Example Use Case |
|---|---|---|
production | Default branch builds only | Production API keys, analytics IDs |
preview | Non-default branch builds only | Staging API keys, test credentials |
all | All builds | Shared config (site name, public URLs) |
The build system resolves which environment a build targets by comparing the branch name to the project’s default_branch.
Set a Variable
Section titled “Set a Variable”curl -X POST https://api.deploybase.eu/api/v1/projects/PROJECT_ID/env \ -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/json" \ -d '{"key": "API_KEY", "value": "sk_live_abc123", "environment": "production"}'Setting the same key + environment again overwrites the value (upsert).
Bulk Import
Section titled “Bulk Import”Import multiple variables from .env file format:
curl -X POST https://api.deploybase.eu/api/v1/projects/PROJECT_ID/env/bulk \ -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/json" \ -d '{ "content": "API_KEY=sk_live_abc123\nDATABASE_URL=postgres://...\nSITE_NAME=\"My Blog\"", "environment": "production" }'The parser handles:
KEY=VALUE(unquoted)KEY="VALUE"(double-quoted)KEY='VALUE'(single-quoted)- Inline comments (
KEY=value # comment) - Full-line comments (
# comment) - Duplicate keys (last occurrence wins)
List Variables
Section titled “List Variables”curl https://api.deploybase.eu/api/v1/projects/PROJECT_ID/env \ -H "Authorization: Bearer $TOKEN"Returns keys, IDs, environments, and timestamps. Values are never returned — they are encrypted and only decrypted at build time inside the build container.
Delete a Variable
Section titled “Delete a Variable”curl -X DELETE https://api.deploybase.eu/api/v1/projects/PROJECT_ID/env/ENV_VAR_ID \ -H "Authorization: Bearer $TOKEN"Validation Rules
Section titled “Validation Rules”| Rule | Constraint |
|---|---|
| Key format | [a-zA-Z_][a-zA-Z0-9_]* (standard env var naming) |
| Key max length | 255 characters |
| Value max size | 32 KB |
| Reserved prefix | DEPLOYBASE_ — keys starting with this prefix are rejected |
| Limit per project | 256 variables |
Build Injection
Section titled “Build Injection”During a build, environment variables matching the build’s target environment (production or preview) plus all variables scoped to all are decrypted and injected as environment variables in the build container. They are available to the install and build commands.
Variables are never written to build logs or exposed outside the build container.