Skip to content

Environment Variables

Environment variables are injected into builds at build time. They are scoped per environment (production, preview, or all) and encrypted at rest with AES-256-GCM. Values are never returned by the API — only keys and metadata are visible.

Each variable targets one of three environments:

EnvironmentApplies ToExample Use Case
productionDefault branch builds onlyProduction API keys, analytics IDs
previewNon-default branch builds onlyStaging API keys, test credentials
allAll buildsShared config (site name, public URLs)

The build system resolves which environment a build targets by comparing the branch name to the project’s default_branch.

Terminal window
curl -X POST https://api.deploybase.eu/api/v1/projects/PROJECT_ID/env \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"key": "API_KEY", "value": "sk_live_abc123", "environment": "production"}'

Setting the same key + environment again overwrites the value (upsert).

Import multiple variables from .env file format:

Terminal window
curl -X POST https://api.deploybase.eu/api/v1/projects/PROJECT_ID/env/bulk \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{
"content": "API_KEY=sk_live_abc123\nDATABASE_URL=postgres://...\nSITE_NAME=\"My Blog\"",
"environment": "production"
}'

The parser handles:

  • KEY=VALUE (unquoted)
  • KEY="VALUE" (double-quoted)
  • KEY='VALUE' (single-quoted)
  • Inline comments (KEY=value # comment)
  • Full-line comments (# comment)
  • Duplicate keys (last occurrence wins)
Terminal window
curl https://api.deploybase.eu/api/v1/projects/PROJECT_ID/env \
-H "Authorization: Bearer $TOKEN"

Returns keys, IDs, environments, and timestamps. Values are never returned — they are encrypted and only decrypted at build time inside the build container.

Terminal window
curl -X DELETE https://api.deploybase.eu/api/v1/projects/PROJECT_ID/env/ENV_VAR_ID \
-H "Authorization: Bearer $TOKEN"
RuleConstraint
Key format[a-zA-Z_][a-zA-Z0-9_]* (standard env var naming)
Key max length255 characters
Value max size32 KB
Reserved prefixDEPLOYBASE_ — keys starting with this prefix are rejected
Limit per project256 variables

During a build, environment variables matching the build’s target environment (production or preview) plus all variables scoped to all are decrypted and injected as environment variables in the build container. They are available to the install and build commands.

Variables are never written to build logs or exposed outside the build container.