What are the best practices for accessing environment variables in a production build when it’s generally considered bad practice to push .env files to the production repo?
I’m currently working on a project where I need to access environment variables (such as API keys and database credentials), but I’m not sure how to do this without including the .env files in the production repository.
If I push them, then that leaves me open for an attack if someone accesses the repo. But if I don’t, then the resulting code that is compiled won’t have access to those necessary credentials.
What are some best practices for handling this situation? Are there any tools or methods that can help with accessing environment variables in a production build without pushing them directly to production?
const connection = {
host: "127.0.0.1",
// All of these will result in undefined
user: process.env.DB_PROD_USER,
pass: process.env.DB_PROD_PASS,
table: process.env.DB_PROD_TABLE
};