Description
Currently, Dotenvx is not properly supported by Vite.
We are using dotenvx (from the creator of dotenv) to manage our environment variables in Astro and Vite.
This means that a .env and a .env.production is available for every app in our monorepo with encrypted values, as follows:
SOME_ENV_VAR="encrypted:BA/01aCs2DHMHJc2SFeg...etcetc...f1TZg="
However, this currently results in Vite picking up the encrypted values without decrypting them. This results in unexpected situations, such as: running a production build with Astro as follows:
npx dotenvx run -f .env.production --strict -- astro build
I expect this command to only inject production .env values. However, Vite is automatically inserting the available .env file with encrypted values alongside the requested .env.production. This interferes with our Astro environment variable validation. We validate whether certain variables are present using Astro schema validation. Encrypted variables in the .env file are considered as "valid", even when encrypted (they are valid strings), therefore disrupting our env variable validation.
We currently use a workaround by setting the envDir to "bogus" in our Astro config. This is of course not a desirable solution.
Context @ Vite Discord: https://discord.com/channels/804011606160703521/1327200673518977046
Looking forward to work towards a solution together!
Suggested solution
There are some directions:
- Adding an option to disable automatic .env-variable inclusion
- Adding a detection-mechanism for encrypted .env values
- ...
Alternative
No response
Additional context
No response
Validations
Description
Currently, Dotenvx is not properly supported by Vite.
We are using dotenvx (from the creator of dotenv) to manage our environment variables in Astro and Vite.
This means that a
.envand a.env.productionis available for every app in our monorepo with encrypted values, as follows:SOME_ENV_VAR="encrypted:BA/01aCs2DHMHJc2SFeg...etcetc...f1TZg="
However, this currently results in Vite picking up the encrypted values without decrypting them. This results in unexpected situations, such as: running a production build with Astro as follows:
I expect this command to only inject production .env values. However, Vite is automatically inserting the available
.envfile with encrypted values alongside the requested .env.production. This interferes with our Astro environment variable validation. We validate whether certain variables are present using Astro schema validation. Encrypted variables in the .env file are considered as "valid", even when encrypted (they are valid strings), therefore disrupting our env variable validation.We currently use a workaround by setting the envDir to "bogus" in our Astro config. This is of course not a desirable solution.
Context @ Vite Discord: https://discord.com/channels/804011606160703521/1327200673518977046
Looking forward to work towards a solution together!
Suggested solution
There are some directions:
Alternative
No response
Additional context
No response
Validations