Environments & Secrets

This is the canonical page for env files, secret files, lookup order, and ${...} mapping.

File model

.env
.env.staging
.env.prod
.env.staging.secrets
.env.prod.secrets

Secrets files should be ignored by git:

*.secrets

What your tests read

• ctx.vars.require("KEY") for required config
• ctx.vars.get("KEY") for optional config
• ctx.secrets.require("KEY") for required secrets

const baseUrl = ctx.vars.require("BASE_URL");
const token = ctx.secrets.require("API_TOKEN");

Lookup order

Glubean resolves each key by name. File values win first, then shell or system environment is used as fallback.

• ctx.vars.*("KEY"): .env (or --env-file) -> system environment KEY
• ctx.secrets.*("KEY"): matching .secrets file -> system environment KEY

This means if your shell already has BASE_URL and API_KEY, you can run tests without duplicating those values into local files.

export BASE_URL=https://api.example.com
export API_KEY=sk_live_xxx
glubean run

If your shell variable names are different from the names used in tests, map them in .env / .env.secrets with ${...}.

# .env
BASE_URL=${GLUBEAN_URL}
 
# .env.secrets
API_KEY=${GLUBEAN_API_KEY}

Then your tests can keep using:

const baseUrl = ctx.vars.require("BASE_URL");
const apiKey = ctx.secrets.require("API_KEY");

Switching environments

• Local default: .env
• Staging: --env-file .env.staging
• Production verification: --env-file .env.prod

glubean run ./tests --env-file .env.staging

The extension can switch the active env from the status bar.

Next

• SDK: Variables & Secrets
• Extension: Environments