Forum Discussion

phildmno's avatar
phildmno
Occasional Contributor
11 days ago

[new tool] varlock: schema-driven env vars



TL;DR: We've launched something new, it's called varlock. It's like DMNO but simpler and easier to get started. It's built on top of the .env files you're already using. 

It makes them safer to use and share.  

We'd love your feedback.

>> 🧙‍♂️https://varlock.dev 

---

We've been heads down working on the next evolution of secrets and configuration tooling building on what we've learned so far creating DMNO

If you've used DMNO, varlock will feel familiar. But instead of writing schemas in TypeScript, we've created a lightweight DSL that sits on top of your .env files. We think this allows for much simpler onboarding (and offboarding!). And because it's all based on decorators in comments, it should play nice with your existing tools. 

For any tools that would like to make use of this new syntax, we've also created an open specification, we call it @env-spec, and there's an active RFC if you would like to get involved. 

>> RFC: https://github.com/dmno-dev/varlock/discussions/17 

—-

So why varlock? 

Varlock is a suite of tools built to improve the experience of working with environment variables, both in terms of security and developer experience.

It provides: 

  • Validation - catch errors in development instead of production
  • Type-safety - improved DX via detailed IntelliSense
  • Security - secret redaction in stdout and global console methods
  • Environments - Compose defaults, environment-specific .env files, and local git-ignored overrides
  • Secrets - use any third party provider that has a CLI to load values

What next?

We're just getting started and we have big plans to expand the feature set of varlock. 

Coming soon you'll see:

  • Local override encryption via a desktop app using biometrics
  • Shared team vaults with trustless cloud storage
  • GitHub App to track config changes with audit trails
  • Deeper integration with providers like 1Password

If you've read this far, thank you. Please check out varlock and let us know what you think by replying to this post, or joining us on Discord. Tools like this are only as good as the community that shapes them. 

>> 🧙‍♂️https://varlock.dev 

Thanks ✌️

CLI
discussion
integrations
secrets management
security

1 Reply

  • phildmno's avatar
    phildmno
    Occasional Contributor
    11 days ago

    Also, we want to acknowledge that if you're all-in on 1Password for secrets in your dev workflows then there's a good amount of overlap with varlock. You will still benefit from the validation, type-safety, etc so we think it's worth it. 

    And if you're using multiple providers, then you will benefit even further by having a more consistent way to manage your env vars.