Secrets: Environment Variables and Build Args
Shipyard allows you to define secrets (plaintext or hidden) that are injected into your environments. This keeps your project secure so you won't need to worry about storing this data in any of your repositories.
Shipyard injects secrets at:
- build time (called build arguments) OR
- runtime (called environment variables)
User-defined
You can add secrets individually:

Or use Batch Upload to set multiple secrets at once.

When batch uploading, copy the contents of your .env
file and paste them into the modal.
If you're not using an .env
file to store your variables, run something like the following command to
output your environment variables to your terminal:
env | grep 'DEV'
This returns all env vars whose key matches DEV
. Adjust your search term accordingly.
Shipyard-injected
In addition to allowing users to set custom secrets, Shipyard injects the following secrets into projects by default:
SHIPYARD_DOMAIN
: The active domain of the project. If the project is a remote deploy and has a custom domain, this is its value. Otherwise the active domain of the project is injected.SHIPYARD_DOMAIN_<SERVICE_NAME>
: The active domain of each service will also be injected into each container. If you have no services on a unique domain, these will all matchSHIPYARD_DOMAIN
.SHIPYARD_EPHEMERAL
: true if the project is ephemeral, false if it is a remote deploy.SHIPYARD_COMMIT
: The running project's latest commit hash.
