TerragonTerragon Docs
Environment Setup

Environment Variables

Configure secrets and environment variables for your Terragon sandboxes.

All environment variables are encrypted at rest and in transit for optimal security.

Environment variables allow you to add secrets and configuration values that will be available in your sandbox. These are scoped to each user-repository combination, so each user maintains their own set of environment variables for each repository they work with.

Adding Environment Variables

Click Add Variable
Enter the variable name and value
Click Save Environment Variables

Common Use Cases

Environment variables are perfect for:

  • API Keys: Store credentials for third-party services
  • Database URLs: Connection strings for databases
  • Feature Flags: Toggle features on/off
  • Configuration Values: Any settings that vary between environments
  • Webhook URLs: Endpoints for external services
  • SDK Keys: Authentication for various SDKs

Importing from .env File

You can quickly import multiple environment variables from a .env file:

Click the Import from .env button
Paste the contents of your .env file
Review the parsed variables
Click Import to add them all at once

Example .env Format

# API Keys
OPENAI_API_KEY=sk-...
ANTHROPIC_API_KEY=sk-ant-...

# Database Configuration
DATABASE_URL=postgresql://user:password@localhost:5432/mydb
REDIS_URL=redis://localhost:6379

# Feature Flags
ENABLE_NEW_FEATURE=true
DEBUG_MODE=false

# External Services
WEBHOOK_URL=https://api.example.com/webhook
SLACK_TOKEN=xoxb-...

Default Environment Variables

Terragon automatically sets the following environment variables in your sandbox:

NameDescription
TERRAGONAlways set to true when running in a Terragon sandbox. You can use this variable to differentiate when the agent/code is running in a Terragon sandbox versus locally.
GH_TOKENGitHub access token for the gh CLI. You can override this by setting your own GH_TOKEN environment variable.

Custom GitHub Token: If you need to use a different GitHub token (e.g., for accessing private packages or repositories), you can add your own GH_TOKEN environment variable. Your custom token will take precedence over the default token provided by Terragon.

Using Environment Variables

In Setup Scripts

Environment variables are automatically available in your terragon-setup.sh script:

terragon-setup.sh
#!/bin/bash
echo "API Key: $MY_API_KEY"
echo "Database URL: $DATABASE_URL"

# Configure application with environment variables
export NODE_ENV=production
export API_ENDPOINT=$API_URL

In Your Code

Access environment variables as you normally would in your application:

// Node.js/JavaScript
const apiKey = process.env.OPENAI_API_KEY;
const dbUrl = process.env.DATABASE_URL;
# Python
import os
api_key = os.environ.get('OPENAI_API_KEY')
db_url = os.environ.get('DATABASE_URL')
# Shell scripts
echo "Using API key: $OPENAI_API_KEY"
psql "$DATABASE_URL"

Setup Scripts

Configure custom setup scripts that run when your Terragon sandbox starts.

MCP Setup

Configure Model Context Protocol (MCP) servers to give Terragon access to external tools, databases, and services.