Your Lair can reference environment variables on process execution. For additional security, you can add both an
.secretsfile should be used for any sensitive data, such as private keys, as it is end-to-end encrypted.
# my-lair-a > .env
# my-lair-a > .secrets (example only, data is end-to-end encrypted)
First, create an
.secretsfile in your Lair by selecting the ＋ icon in the search bar or manually initializing an empty file.
.secretsfile from your Lair file system. Select “+ Add New Env/Secret” and enter a key and value for your environment variable.
To maintain strict security practices, environment variables added to the .secrets file cannot be modified after creation. Additionally, creating new variables within your .secrets file will require a network connection to avoid local persistence of any unencrypted data.
Environment variables are injected into your Lair’s environment during process execution, and can be accessed using standard os libraries.
# Get environment variable values
USER = os.getenv('USER')
KEY = os.environ.get('API_KEY')
# Getting non-existent keys
FOO = os.getenv('FOO') # None
BAR = os.environ.get('BAR') # None
BAZ = os.environ['BAZ'] # KeyError: key does not exist.
.secretsfile is end-to-end encrypted and we employ the leading data practices to keep your sensitive data secure. Please see Security for more details.