In GitHub Actions or GitLab CI, you can define different environment groups (staging, production) and set variables per group. Then, at runtime, generate a .env.production file from those secrets if needed. A safer approach is to pass them directly as environment variables.
If you are building a custom Node.js application, you can use the dotenv package alongside a dynamic variable to load specific .env- files manually. 1. Install Dependency npm install dotenv Use code with caution. 2. Configure Your Scripts
First, let's define our terms. The standard Twelve-Factor App methodology dictates that configuration should be stored in environment variables. To make local development easier, developers use .env files—plain text files listing key-value pairs (e.g., DB_PASSWORD=supersecret ). In GitHub Actions or GitLab CI, you can
require('dotenv-flow').config(); // Loads .env, .env.development, .env.local, .env.development.local // according to NODE_ENV
It supplies oxygen through plants and trees, fresh water from rivers and rain, and fertile soil for agriculture. If you are building a custom Node
.env-test : Used by automated testing frameworks. This file typically points to a temporary "mock" database that can be wiped clean after every test suite run.
Adopting the .env- file ecosystem turns configuration management from a manual, error-prone chore into a secure, predictable, and fully automated architecture. By keeping your environments isolated, using template files for team onboarding, and restricting production keys to secure runtime injection, you protect your application from both structural bugs and devastating credential leaks. Share public link error-prone chore into a secure
While .env- files are excellent for local development, loading physical files into production servers or cloud containers can be inefficient or insecure. : Use .env-development copied to a local .env .
Instead, use the cloud provider's native or Secret Manager . These platforms inject the variables directly into the server's memory at runtime, ensuring that no sensitive plain-text files sit on the server's hard drive. Summary Table: Standard Configuration Layout Committed to Git? Contains Real Secrets? .env-example Template for the development team Yes No (Placeholders only) .env-development Local development environment settings No Mock secrets only .env-test Configuration for running automated tests No Mock/Local database urls .env-staging Pre-production testing server configuration No Staging-level secrets .env-production Live production website configuration No Yes (Highly Sensitive) Conclusion
Environment variables are the bedrock of secure, scalable software configuration. They separate sensitive data and environment-specific settings from your core application logic. While almost every developer is familiar with the standard .env file, the hyphenated suffix pattern—represented by the keyword .env- —has become an industry standard for managing multiple deployment environments.
Furthermore, backups and archiving tools (like tar or zip ) often ignore .gitignore rules entirely. A developer running zip -r backup.zip . will happily include every .env- file.