Este post também está disponível em Português.
There are some things we just shouldn’t share with our code. These are often configuration values that depend on the environment such as debugging flags or access tokens for APIs like Twilio. Environment variables are a good solution and they are easy to consume in most languages.
Environment variables, as the name suggests, are variables in your system that describe your environment. The most well known environment variable is probably
PATH which contains the paths to all folders that might contain executables. With
PATH, you can write just the name of an executable rather than the full path to it in your terminal since the shell will check the local directory as well as all directories specified in the
PATH variable for this executable.
Aside from ‘built-in’ variables we also have the opportunity to define our own environment variables. Since they are bound to our environment they are great for things such as API access tokens. You could have a variable set to one value on your development machine and another in your production environment without having
if-statements or special config files.
Twilio’s helper libraries for example, look for the
TWILIO_AUTH_TOKEN environment variables if you instantiate a client without the two values. This way you don’t have to worry about accidentally pushing sensitive credentials to a place such as GitHub.
Windows Environment Variables
Setting environment variables in Windows is pretty hidden in several layers of settings dialogs. Just like most things in Windows, we will set environment variables using a graphical user interface. To open the respective interface you first have to open the Windows Run prompt. Do so by pressing the
R key on your keyboard at the same time. Type
sysdm.cpl into the input field and hit
Enter or press Ok.
In the new window that opens, click on the Advanced tab and afterwards on the Environment Variables button in the bottom right of the window.
The window has two different sections. One is the list of environment variables that are specific to your user. This means they aren’t available to the other users. The other section contains the system-wide variables that are shared across all users.
Create a user specific variable by clicking the New button below the user-specific section. In the prompt you can now specify the name of your variable as well the value. Create a new variable with the name
TWILIO_ACCOUNT_SID and copy your Twilio Account SID from the Console. Press Ok in the prompt to create the variable, followed by Ok on the Environment Variables window. You are all set now.
To test if it worked open the Command Prompt by pressing
R and typing
cmd.exe. If you have the Command Prompt open already, make sure to restart it to ensure your changes are applied. Inside the Command Prompt execute the following command:
This should print the value that you saved in the environment variable.
macOS and Linux Distributions
In order to set environment variables on macOS or any UNIX based operating system you first have to figure out which shell you are running. You can do that by running in your terminal the command:
The end of the output should indicate which shell you are running. The typical shell is the
bash shell which we will be using in this example. But the steps are similar for other shells like
In order to set an environment variable we need to use the export command in the following format:
Since this would only set this for our current session we need to add this command into a file that is executed for every session. For this open the
.bashrc file in your home directory with your favorite code editor. Add the following line somewhere in your
youraccountsid with your actual Account SID from your Twilio Console. Save the file and open a new terminal instance to test if it worked by running:
You should see the value that you stored in it.
In some situations you only need an environment variable set for only a single project. In that case
.env files are a great solution. It’s a file inside your project in which you specify these environment variables and afterwards you use a library for your respective programming language to load the file which will dynamically define these variables.
There are libraries for most programming languages to load these files. Here are a few:
.env file in your project folder (typically at the root) and place the key value pairs in there. This can look like this:
Now all you need to do is consume the respective library and then you can use the environment variable. In Node.js the respective code would look like this:
require('dotenv').config(); console.log('Your environment variable TWILIO_ACCOUNT_SID has the value: ', process.env.TWILIO_ACCOUNT_SID);
Since you most likely don’t want to commit your environment variables to a repository, make sure to add the
.env file to your
.gitignore to avoid accidentally pushing it.
Setting environment variables on your local development machine or in a VM is only half the work. What if we are hosting our application in a cloud environment such as Heroku, Azure or AWS or even wrap it in a Docker container? Luckily, all of these providers support ways to define environment variables. You can find instructions on how to set them in their documentations:
If you can’t find your cloud host among this list it doesn’t necessarily mean there is no way to configure environment variables. Make sure to check their documentation for more on it.
That’s it! Now you can set environment variables which means that you can take all of your environment based configuration values out of your code and make your code more flexible and safe!
Be mindful that these values are still stored in plain text. If you are planning to store very sensitive values you should look into something like a secret storage solution such as Vault.
If you have any questions or would like to show me the awesome thing you are currently building, feel free to send me an email to: email@example.com or contact me on Twitter @dkundel. I can’t wait to see what you build.