Environments
Overview
Section titled “Overview”Environments let you store different values for the same secret name across deployment stages. Every vault starts with a default development environment.
List Environments
Section titled “List Environments”passbox environment list [options]Options
Section titled “Options”| Option | Description |
|---|---|
--vault <name> | Vault name or ID |
Example
Section titled “Example”passbox environment list --vault my-app# development (default)# staging# productionCreate an Environment
Section titled “Create an Environment”passbox environment create <name> [options]Options
Section titled “Options”| Option | Description |
|---|---|
--vault <name> | Vault name or ID |
--description <text> | Optional description |
Example
Section titled “Example”passbox environment create staging --vault my-app --description "Staging environment"Delete an Environment
Section titled “Delete an Environment”passbox environment delete <name> [options]Requires admin or owner role. Deleting an environment also deletes all secrets in that environment.
Options
Section titled “Options”| Option | Description |
|---|---|
--vault <name> | Vault name or ID |
Clone an Environment
Section titled “Clone an Environment”passbox environment clone <target> --from <source> [options]Copies all secrets from one environment to another. Useful for initializing a new environment with existing config.
Options
Section titled “Options”| Option | Description |
|---|---|
--from <name> | Source environment to clone from |
--vault <name> | Vault name or ID |
Example
Section titled “Example”# Create production environment with staging's secretspassbox environment create production --vault my-apppassbox environment clone production --from staging --vault my-appUsing the —env Flag
Section titled “Using the —env Flag”Most secret commands accept --env to target a specific environment:
# Store secrets in different environmentspassbox set DATABASE_URL "postgres://dev/db" --env developmentpassbox set DATABASE_URL "postgres://staging/db" --env stagingpassbox set DATABASE_URL "postgres://prod/db" --env production
# Retrieve from specific environmentpassbox get DATABASE_URL --env production
# List secrets in an environmentpassbox list --env staging
# Run with production secretspassbox run --env production -- node server.js
# Push/pull .env for specific environmentpassbox env push .env.staging --env stagingpassbox env pull --env production -o .env.productionDefault Environment
Section titled “Default Environment”When --env is not specified, PassBox uses:
- The
environmentfield from.passbox.json(if present) - The
defaultEnvironmentfrom~/.passbox/config.json - The vault’s default environment (usually
development)
Set a default:
# Per-project (in .passbox.json)passbox init # select environment during setup
# Globalpassbox config set defaultEnvironment staging