process.env.dev

The connection string for Azure Application Insights, used for application performance monitoring and logging. Replaces the older instrumentation key approach and includes the ingestion endpoint. Automatically detected by Application Insights SDKs.

Provider

Azure

Category

monitoring

Set by

Azure Portal → Application Insights → your resource → Overview → Connection String

Example

InstrumentationKey=00000000-0000-0000-0000-000000000000;IngestionEndpoint=https://eastus-1.in.applicationinsights.azure.com/

The Application (client) ID assigned to your app registration in Azure Active Directory. Used by Azure Identity SDK to authenticate with Azure services via OAuth 2.0 flows. This is a GUID that uniquely identifies your application.

Provider

Azure

Category

authentication

Set by

Azure Portal → App registrations → your app → Overview

Example

11111111-2222-3333-4444-555555555555

A client secret generated for your Azure AD app registration, used for service principal authentication. This value is only shown once when created and should be stored securely. Rotate regularly as secrets have configurable expiration dates.

Provider

Azure

Category

authentication

Set by

Azure Portal → App registrations → your app → Certificates & secrets

Example

abc8Q~xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

The Directory (tenant) ID of your Azure Active Directory instance. Identifies which Azure AD tenant to authenticate against. Required alongside client ID and secret for service principal authentication.

Provider

Azure

Category

authentication

Set by

Azure Portal → Azure Active Directory → Overview

Example

aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee

The Azure AD authority endpoint URL used for authentication. Defaults to https://login.microsoftonline.com/ for Azure public cloud. Override this for sovereign clouds like Azure Government (login.microsoftonline.us) or Azure China (login.chinacloudapi.cn).

Provider

Azure

Category

authentication

Set by

Set manually when targeting non-public Azure clouds

Default

https://login.microsoftonline.com/

Example

https://login.microsoftonline.us/

The file path to a PEM or PFX certificate used for certificate-based authentication with Azure AD. An alternative to client secrets for service principal authentication that is considered more secure. The certificate must be registered with the app registration.

Provider

Azure

Category

authentication

Set by

Set manually to the path of the certificate file on disk

Example

/var/certs/azure-client.pem

The name of your Azure Container Registry (ACR) instance. Used in CI/CD pipelines for building and pushing container images. The login server URL is derived as {name}.azurecr.io.

Provider

Azure

Category

containers

Set by

Azure Portal → Container registries → your registry → Overview

Example

mycontainerregistry

The admin password for Azure Container Registry, used for docker login authentication. Admin access must be explicitly enabled on the registry. For production use, prefer service principal or managed identity authentication over admin credentials.

Provider

Azure

Category

containers

Set by

Azure Portal → Container registries → your registry → Access keys → Enable Admin user

Example

AbCdEfGhIjKlMnOpQrStUvWxYz012345

The connection string for Azure Cosmos DB, including the account endpoint, key, and database information. Used by Cosmos DB SDKs to establish connections. Supports SQL API, MongoDB API, and other Cosmos DB APIs depending on the account type.

Provider

Azure

Category

database

Set by

Azure Portal → Cosmos DB account → Keys → Primary Connection String

Example

AccountEndpoint=https://mycosmosdb.documents.azure.com:443/;AccountKey=abc123==;

The primary or secondary key for Azure Cosmos DB account authentication. Used when constructing the Cosmos DB client directly rather than via a connection string. Two keys are provided to support key rotation without downtime.

Provider

Azure

Category

database

Set by

Azure Portal → Cosmos DB account → Keys → Primary Key

Example

AbCdEfGhIjKlMnOpQrStUvWxYz0123456789abcdefghijklmnopqrstuvwxyz0123456789ABCD==

The URL of your Azure DevOps organization, used by Azure DevOps REST APIs and CLI tools. The format is https://dev.azure.com/{organization}. Required for programmatic access to repositories, pipelines, work items, and other DevOps resources.

Provider

Azure

Category

devops

Set by

Set manually based on your Azure DevOps organization name

Example

https://dev.azure.com/my-organization

A Personal Access Token for authenticating with Azure DevOps APIs and services. PATs are scoped to specific permissions and have configurable expiration dates. Used by CI/CD pipelines, CLI tools, and SDKs for authenticated operations.

Provider

Azure

Category

devops

Set by

Azure DevOps → User Settings → Personal Access Tokens → New Token

Example

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

The connection string for Azure Event Hubs, used for high-throughput event streaming. Includes the namespace endpoint and shared access key. Event Hubs is designed for big data streaming scenarios with millions of events per second.

Provider

Azure

Category

messaging

Set by

Azure Portal → Event Hubs namespace → Shared access policies

Example

Endpoint=sb://my-eventhub.servicebus.windows.net/;SharedAccessKeyName=SendPolicy;SharedAccessKey=abc123=;EntityPath=my-hub

The path to a file containing a federated identity token, used for workload identity federation. Enables authentication without storing secrets by exchanging tokens from external identity providers (like Kubernetes or GitHub Actions) for Azure AD tokens.

Provider

Azure

Category

authentication

Set by

Automatically set by the workload identity infrastructure (e.g., AKS, GitHub Actions)

Example

/var/run/secrets/azure/tokens/azure-identity-token

Specifies the hosting environment for Azure Functions, such as Development, Staging, or Production. Affects logging verbosity and runtime behavior. Set automatically by the Functions runtime but can be overridden in application settings.

Provider

Azure

Category

compute

Set by

Azure Portal → Function App → Configuration → Application settings

Default

Production

Example

Development

The name of the Azure Key Vault resource. Used in scripts and templates to construct the vault URI or reference the vault by name. Vault names must be globally unique, 3-24 characters, and can contain only alphanumerics and hyphens.

Provider

Azure

Category

security

Set by

Set manually in application configuration or CI/CD pipeline variables

Example

my-keyvault

The full URI of the Azure Key Vault instance, used by the Key Vault SDK to connect and retrieve secrets, keys, and certificates. The URL follows the format https://{vault-name}.vault.azure.net/. This is the primary configuration needed for Key Vault client initialization.

Provider

Azure

Category

security

Set by

Azure Portal → Key Vaults → your vault → Overview → Vault URI

Example

https://my-keyvault.vault.azure.net/

The API key for accessing Azure OpenAI Service endpoints. Used to authenticate requests to Azure-hosted OpenAI models like GPT-4 and DALL-E. Different from the standard OpenAI API key as it connects to your Azure-provisioned resource.

Provider

Azure

Category

ai

Set by

Azure Portal → Azure OpenAI → your resource → Keys and Endpoint

Example

1234567890abcdef1234567890abcdef

The endpoint URL for your Azure OpenAI Service resource. The format is https://{resource-name}.openai.azure.com/. Used alongside the API key to route requests to your specific Azure OpenAI deployment.

Provider

Azure

Category

ai

Set by

Azure Portal → Azure OpenAI → your resource → Keys and Endpoint

Example

https://my-openai-resource.openai.azure.com/

The hostname of the Azure Cache for Redis instance. Used to configure Redis client connections. The hostname typically follows the pattern {name}.redis.cache.windows.net and requires SSL/TLS on port 6380 by default.

Provider

Azure

Category

cache

Set by

Azure Portal → Azure Cache for Redis → your cache → Overview → Host name

Example

my-redis.redis.cache.windows.net

The access key for Azure Cache for Redis instance authentication. Two keys (primary and secondary) are provided to allow rotation without downtime. Used alongside the host and port to establish authenticated connections.

Provider

Azure

Category

cache

Set by

Azure Portal → Azure Cache for Redis → your cache → Access keys

Example

AbCdEfGhIjKlMnOpQrStUvWxYz0123456789=

The name of the Azure Resource Group that contains the target resources. Resource groups are logical containers for Azure resources that share the same lifecycle and access policies. Used by deployment scripts and SDKs to scope operations.

Provider

Azure

Category

resource-management

Set by

Azure Portal → Resource groups, or set manually in application configuration

Example

my-app-prod-rg

The connection string for Azure Service Bus, including the namespace endpoint and shared access key. Used to send and receive messages from queues and topics. Supports different authorization policies with varying permission levels.

Provider

Azure

Category

messaging

Set by

Azure Portal → Service Bus namespace → Shared access policies → RootManageSharedAccessKey

Example

Endpoint=sb://my-namespace.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=abc123=

The connection string for Azure SignalR Service, used for real-time web communication. Includes the service endpoint and access key. Azure SignalR Service manages WebSocket connections at scale for applications using ASP.NET Core SignalR or Azure Functions.

Provider

Azure

Category

messaging

Set by

Azure Portal → SignalR Service → your resource → Keys

Example

Endpoint=https://my-signalr.service.signalr.net;AccessKey=abc123=;Version=1.0;

The ADO.NET or ODBC connection string for Azure SQL Database. Includes the server address, database name, and authentication details. Azure SQL supports both SQL authentication and Azure AD authentication methods.

Provider

Azure

Category

database

Set by

Azure Portal → SQL database → your database → Connection strings

Example

Server=tcp:myserver.database.windows.net,1433;Initial Catalog=mydb;Persist Security Info=False;User ID=myadmin;Password=mypassword;

The name of the Azure Storage account. Storage account names must be globally unique, between 3 and 24 characters, and use only lowercase letters and numbers. Used by SDKs and tools to construct the storage endpoint URL.

Provider

Azure

Category

storage

Set by

Azure Portal → Storage accounts → your account → Overview

Example

myappstorageprod

A full connection string for Azure Storage that includes the account name, key, and endpoint information. Provides a single configuration value for connecting to Blob, Queue, Table, and File storage. Prefer managed identity over connection strings in production.

Provider

Azure

Category

storage

Set by

Azure Portal → Storage accounts → your account → Access keys → Connection string

Example

DefaultEndpointsProtocol=https;AccountName=myaccount;AccountKey=abc123==;EndpointSuffix=core.windows.net

The access key for your Azure Storage account, used for Shared Key authorization. Each storage account has two access keys for key rotation without downtime. Treat this like a root password — it grants full access to all data in the account.

Provider

Azure

Category

storage

Set by

Azure Portal → Storage accounts → your account → Access keys

Example

AbCdEfGhIjKlMnOpQrStUvWxYz0123456789+/AbCdEfGhIjKlMnOpQrStUvWxYz0123456789+/1234==

The unique identifier for your Azure subscription. Required for Azure Resource Manager operations to target the correct subscription. Every Azure resource belongs to a subscription which controls billing and access.

Provider

Azure

Category

resource-management

Set by

Azure Portal → Subscriptions, or via az account show --query id

Example

12345678-abcd-efgh-ijkl-123456789012

The name of the Azure App Service web application. Used in deployment scripts and CI/CD pipelines to target the correct App Service instance. The name must be globally unique as it forms part of the default hostname ({name}.azurewebsites.net).

Provider

Azure

Category

compute

Set by

Azure Portal → App Services → your app → Overview

Example

my-webapp-prod

The resource group containing the Azure App Service web application. Used alongside the web app name in deployment commands and scripts to uniquely identify the target App Service. Required for Azure CLI deploy commands.

Provider

Azure

Category

compute

Set by

Set manually in CI/CD pipeline variables or deployment scripts

Example

my-webapp-rg

The Azure Storage connection string used by Azure Functions for internal operations like managing triggers, logging, and function keys. Required for all functions except HTTP-triggered functions on the Consumption plan. This is the primary storage dependency for the Functions runtime.

Provider

Azure

Category

compute

Set by

Azure Portal → Function App → Configuration, or local.settings.json

Example

DefaultEndpointsProtocol=https;AccountName=myaccount;AccountKey=abc123==;EndpointSuffix=core.windows.net

Specifies the language runtime for Azure Functions, such as node, python, dotnet, java, or powershell. Required in the function app settings and local.settings.json for the Functions host to load the correct language worker. Must match the language of your function code.

Provider

Azure

Category

compute

Set by

Azure Portal → Function App → Configuration, or local.settings.json

Example

node

The endpoint URL for the Azure Identity token service, replacing the older MSI_ENDPOINT. Automatically set by Azure services (App Service, Functions, Container Instances) when a managed identity is assigned. Used by Azure Identity SDKs to request access tokens.

Provider

Azure

Category

authentication

Set by

Automatically set by Azure services when managed identity is enabled

Example

http://127.0.0.1:41045/MSI/token/

A secret header value that must be included in requests to the IDENTITY_ENDPOINT to prevent server-side request forgery (SSRF) attacks. Automatically set by Azure alongside IDENTITY_ENDPOINT. Used internally by Azure Identity SDKs.

Provider

Azure

Category

authentication

Set by

Automatically set by Azure services when managed identity is enabled

The endpoint URL for the Azure Managed Service Identity (MSI) token service, used by older versions of the Azure Identity SDK. Set automatically by Azure App Service and Azure Functions when managed identity is enabled. Superseded by IDENTITY_ENDPOINT in newer implementations.

Provider

Azure

Category

authentication

Set by

Automatically set by Azure App Service / Functions when managed identity is enabled

Example

http://127.0.0.1:41045/MSI/token/

The secret value used to authenticate requests to the MSI_ENDPOINT for obtaining managed identity tokens. Set automatically alongside MSI_ENDPOINT. This is an internal value managed by the Azure platform and should not be manually configured.

Provider

Azure

Category

authentication

Set by

Automatically set by Azure App Service / Functions when managed identity is enabled

The default hostname of the Azure App Service instance, automatically set by the runtime. Includes the azurewebsites.net suffix unless a custom domain is configured. Useful for constructing callback URLs and self-referencing links.

Provider

Azure

Category

compute

Set by

Automatically set by Azure App Service runtime

Example

my-webapp-prod.azurewebsites.net

The unique instance ID of the current Azure App Service VM instance. Useful for debugging and logging in multi-instance scaled-out scenarios. Automatically set by the platform and read-only to application code.

Provider

Azure

Category

compute

Set by

Automatically set by Azure App Service runtime

Example

abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890

Automatically set by Azure App Service to the name of the web app. Used internally by the platform and available to application code to determine which App Service instance is running. Read-only — set by the Azure runtime environment.

Provider

Azure

Category

compute

Set by

Automatically set by Azure App Service runtime

Example

my-webapp-prod

The handler entry point for the Lambda function in the format file.method (e.g., index.handler). Set automatically based on the function configuration. Custom runtimes use this to determine which function to invoke.

Provider

AWS

Category

lambda

Set by

Configured in the Lambda function settings; set automatically at runtime

Example

index.handler

The AWS X-Ray tracing header containing the trace ID, parent segment ID, and sampling decision. Propagated across service boundaries for distributed tracing. Updated per invocation in Lambda to correlate logs and traces across services.

Provider

AWS

Category

monitoring

Set by

Automatically set by AWS Lambda and API Gateway for each invocation

Example

Root=1-5759e988-bd862e3fe1be46a994272793;Parent=53995c3f42cd8ad8;Sampled=1

The access key ID for AWS IAM user or role authentication. Part of the long-term credential pair (along with the secret access key) used to sign programmatic requests to AWS services. For production workloads, prefer IAM roles or temporary credentials over long-term access keys.

Provider

AWS

Category

authentication

Set by

AWS Console → IAM → Users → your user → Security credentials → Create access key

Example

AKIAIOSFODNN7EXAMPLE

Specifies the AWS CLI profile to use for AWS CodeCommit git operations. Allows using a different profile for CodeCommit than for other AWS services. Used by the git-remote-codecommit helper for authentication.

Provider

AWS

Category

devops

Set by

Set via environment variable when using git-remote-codecommit

Example

codecommit-user

Overrides the default location of the AWS CLI configuration file. The config file stores settings like default region, output format, and role assumptions per profile. Defaults to ~/.aws/config if not set.

Provider

AWS

Category

configuration

Set by

Set via environment variable to point to a custom config file location

Default

~/.aws/config

Example

/custom/path/aws-config

A relative URI path used to retrieve temporary credentials from the ECS credential provider. The ECS agent injects this for tasks configured with a task IAM role, allowing containers to authenticate with AWS services without explicit credential management.

Provider

AWS

Category

authentication

Set by

Automatically set by the Amazon ECS container agent when a task role is configured

Example

/v2/credentials/abcdef12-3456-7890-abcd-ef1234567890

Sets the default output format for AWS CLI commands. Valid values are json, yaml, yaml-stream, text, and table. Affects how CLI responses are displayed. Can be overridden per command with the --output flag.

Provider

AWS

Category

configuration

Set by

Set via aws configure or environment variable

Default

json

Example

json

The default AWS region for CLI commands and SDK operations when no region is explicitly specified. Determines which AWS data center region API requests are sent to. Common values include us-east-1, eu-west-1, and ap-southeast-1.

Provider

AWS

Category

configuration

Set by

Set via aws configure, environment variable, or AWS config file

Example

us-east-1

An application-defined variable specifying the name of an Amazon DynamoDB table. Used to configure which table the application reads from and writes to. DynamoDB table names are unique within an AWS account and region.

Provider

AWS

Category

database

Set by

Set manually in application configuration or obtained from CloudFormation/CDK outputs

Example

my-app-users-table

When set to true, disables the use of the EC2 instance metadata service (IMDS) for credential retrieval. Useful when running outside EC2 to avoid timeout delays from failed IMDS connection attempts during credential resolution.

Provider

AWS

Category

configuration

Set by

Set via environment variable

Example

true

An application-defined variable specifying the name or ARN of an Amazon ECS cluster. ECS clusters are logical groupings of container instances or Fargate tasks. Used by deployment scripts and CI/CD pipelines to target the correct cluster.

Provider

AWS

Category

containers

Set by

Set manually in application configuration or CI/CD pipeline variables

Example

my-app-cluster-prod

An application-defined variable referencing the ECS task definition family name or ARN. Task definitions are blueprints for ECS tasks, specifying container images, resource requirements, and networking. Used in deployment automation.

Provider

AWS

Category

containers

Set by

Set manually in application configuration or CI/CD pipeline variables

Example

my-app-task:3

Overrides the default AWS service endpoint URL. Used for local development with services like LocalStack or MinIO that emulate AWS APIs. Can also target FIPS or dual-stack endpoints for compliance requirements.

Provider

AWS

Category

configuration

Set by

Set via environment variable for local development or testing

Example

http://localhost:4566

Identifies the Lambda runtime environment, such as AWS_Lambda_nodejs20.x or AWS_Lambda_python3.12. Set automatically and used to detect whether code is running inside a Lambda environment. Also indicates the specific runtime version.

Provider

AWS

Category

lambda

Set by

Automatically set by the AWS Lambda runtime

Example

AWS_Lambda_nodejs20.x

The amount of memory (in MB) allocated to the Lambda function. Determines the proportional CPU power and network bandwidth available. Set during function configuration and available as a read-only environment variable during execution.

Provider

AWS

Category

lambda

Set by

Configured in the Lambda function settings; read-only at runtime

Example

512

The name of the currently executing AWS Lambda function. Set automatically by the Lambda runtime environment. Useful for logging, metrics, and conditional logic based on which function is running.

Provider

AWS

Category

lambda

Set by

Automatically set by the AWS Lambda runtime

Example

my-function-prod

The version of the currently executing Lambda function. Set to $LATEST for unpublished code or a numeric version identifier for published versions. Used for version-specific logging and debugging.

Provider

AWS

Category

lambda

Set by

Automatically set by the AWS Lambda runtime

Example

$LATEST

The CloudWatch Logs log group name for the current Lambda function. Lambda automatically creates a log group named /aws/lambda/{function-name}. All console output and SDK logging from the function is sent to this log group.

Provider

AWS

Category

lambda

Set by

Automatically set by the AWS Lambda runtime

Example

/aws/lambda/my-function-prod

The CloudWatch Logs log stream name for the current Lambda function invocation. Each function instance gets a unique log stream. The stream name includes the date and a unique identifier to differentiate concurrent execution environments.

Provider

AWS

Category

lambda

Set by

Automatically set by the AWS Lambda runtime

Example

2024/01/15/[$LATEST]abcdef1234567890

The host and port of the Lambda Runtime API endpoint. Used by custom runtimes to communicate with the Lambda service for receiving invocation events and posting responses. Not typically used directly by functions using standard runtimes.

Provider

AWS

Category

lambda

Set by

Automatically set by the AWS Lambda runtime

Example

127.0.0.1:9001

Configures the maximum number of retry attempts for AWS SDK and CLI operations. Applies to retryable errors like throttling and transient network failures. The default varies by SDK but is typically 3. Higher values improve reliability at the cost of increased latency.

Provider

AWS

Category

configuration

Set by

Set via environment variable, config file, or SDK client configuration

Default

3

Example

5

Specifies the pager program used for AWS CLI output. Set to an empty string to disable paging entirely, which is useful in scripts and CI/CD pipelines. By default, the AWS CLI v2 uses the less program for output.

Provider

AWS

Category

configuration

Set by

Set via environment variable

Specifies the named profile from the AWS credentials and config files to use. Profiles allow you to maintain multiple sets of credentials and configuration settings. Defaults to the 'default' profile when not set.

Provider

AWS

Category

configuration

Set by

Set via environment variable; profiles are configured in ~/.aws/credentials and ~/.aws/config

Default

default

Example

production

The AWS region for SDK operations, taking precedence over AWS_DEFAULT_REGION when both are set. Used by all AWS SDKs to determine the service endpoint. This is the recommended environment variable for specifying region in application code.

Provider

AWS

Category

configuration

Set by

Set via environment variable or application configuration

Example

eu-west-1

Specifies the retry strategy for AWS SDK operations. Valid values are legacy, standard, and adaptive. Standard mode adds consistent retry behavior across SDKs, while adaptive mode dynamically adjusts retry delays based on error responses and throttling.

Provider

AWS

Category

configuration

Set by

Set via environment variable, config file, or SDK client configuration

Default

legacy

Example

standard

The Amazon Resource Name (ARN) of the IAM role to assume for cross-account access or temporary elevated permissions. Used with AWS STS AssumeRole and by SDKs that support automatic role assumption via credential chaining.

Provider

AWS

Category

authentication

Set by

Set in AWS config file profiles or as an environment variable

Example

arn:aws:iam::123456789012:role/MyRole

A commonly used application-defined variable for specifying the target Amazon S3 bucket name. Not set by AWS itself but a widely adopted convention in applications and deployment configurations. S3 bucket names are globally unique across all AWS accounts.

Provider

AWS

Category

storage

Set by

Set manually in application configuration or environment

Example

my-app-assets-prod

When set to a truthy value, instructs the AWS SDK for JavaScript v2 to load configuration from the shared config file (~/.aws/config) in addition to the credentials file. In SDK v3, config file loading is enabled by default.

Provider

AWS

Category

configuration

Set by

Set via environment variable

Example

1

The secret access key paired with AWS_ACCESS_KEY_ID for signing AWS API requests. This value is only shown once when created and must be stored securely. Never commit this to source control or expose it in logs.

Provider

AWS

Category

authentication

Set by

AWS Console → IAM → Users → your user → Security credentials → Create access key

Example

wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

A temporary session token provided alongside temporary access credentials from AWS STS (Security Token Service). Required when using assumed roles, federated access, or MFA-authenticated sessions. Temporary credentials expire after a configurable duration.

Provider

AWS

Category

authentication

Set by

Returned by AWS STS AssumeRole, GetSessionToken, or AssumeRoleWithWebIdentity API calls

Example

FwoGZXIvYXdzEBYaDH7pNGk...(truncated)

Overrides the default location of the shared credentials file that stores access key pairs for named profiles. Defaults to ~/.aws/credentials if not set. Useful for testing or when credentials need to be stored in a non-standard location.

Provider

AWS

Category

configuration

Set by

Set via environment variable to point to a custom credentials file location

Default

~/.aws/credentials

Example

/custom/path/aws-credentials

The ARN of an Amazon SNS topic for publishing notifications. SNS topics enable pub/sub messaging and can fan out messages to multiple subscribers including SQS queues, Lambda functions, and HTTP endpoints. Application-defined variable for referencing the target topic.

Provider

AWS

Category

messaging

Set by

Set manually in application configuration or obtained from CloudFormation/CDK outputs

Example

arn:aws:sns:us-east-1:123456789012:my-topic

The URL of an Amazon SQS queue used by the application for message processing. Queue URLs follow the format https://sqs.{region}.amazonaws.com/{account-id}/{queue-name}. This is an application-defined variable, not set automatically by AWS.

Provider

AWS

Category

messaging

Set by

Set manually in application configuration or obtained from CloudFormation/CDK outputs

Example

https://sqs.us-east-1.amazonaws.com/123456789012/my-queue

Controls whether STS API calls use regional endpoints or the global endpoint (sts.amazonaws.com). Set to regional to use regional STS endpoints for lower latency and better fault isolation. The global endpoint is in us-east-1.

Provider

AWS

Category

configuration

Set by

Set via environment variable or AWS config file

Default

legacy

Example

regional

The path to a file containing an OIDC web identity token, used for AssumeRoleWithWebIdentity. Commonly set in Kubernetes environments (EKS) for pod-level IAM authentication via IRSA (IAM Roles for Service Accounts). The SDK reads this file to exchange the token for temporary AWS credentials.

Provider

AWS

Category

authentication

Set by

Automatically set by EKS IRSA, or manually in container environments

Example

/var/run/secrets/eks.amazonaws.com/serviceaccount/token

The IP address and port of the X-Ray daemon running in the Lambda execution environment. Used by X-Ray SDKs to send trace data for distributed tracing. The daemon batches and forwards trace segments to the X-Ray service.

Provider

AWS

Category

monitoring

Set by

Automatically set by the AWS Lambda runtime when X-Ray tracing is enabled

Example

169.254.79.129:2000

The URI for the ECS container metadata endpoint (version 3). Provides task and container metadata including Docker stats, health status, and network information. Available in tasks using the awsvpc or bridge network modes on EC2 launch type.

Provider

AWS

Category

containers

Set by

Automatically set by the Amazon ECS container agent

Example

http://169.254.170.2/v3/abcdef12-3456-7890-abcd-ef1234567890

The URI for the ECS container metadata endpoint version 4, providing enhanced metadata including task-level network stats and additional container information. Available for tasks running on Fargate platform version 1.4.0+ and ECS agent 1.39.0+.

Provider

AWS

Category

containers

Set by

Automatically set by the Amazon ECS container agent

Example

http://169.254.170.2/v4/abcdef12-3456-7890-abcd-ef1234567890

The path to the runtime libraries directory in the Lambda execution environment. Contains the runtime-specific libraries and bootstrap code. Typically set to /var/runtime for standard runtimes.

Provider

AWS

Category

lambda

Set by

Automatically set by the AWS Lambda runtime

Default

/var/runtime

Example

/var/runtime

The path to the Lambda function code directory. This is where the deployment package is extracted and where the handler file is located. Typically set to /var/task in the Lambda execution environment.

Provider

AWS

Category

lambda

Set by

Automatically set by the AWS Lambda runtime

Default

/var/task

Example

/var/task

The installation directory for Bun, the fast JavaScript runtime and package manager. Contains the Bun binary, global packages, and cache. Defaults to ~/.bun. The bin subdirectory should be added to PATH.

Provider

Node.js

Category

runtime

Set by

Set via environment variable or during Bun installation

Default

~/.bun

Example

/home/user/.bun

The root directory for Deno's cache, including downloaded modules, compiled code, and other cached data. Defaults to a platform-specific cache directory. Useful for CI caching or controlling where Deno stores its dependency cache.

Provider

Node.js

Category

runtime

Set by

Set via environment variable

Example

/home/user/.deno

Specifies the hostname or IP address a web server should bind to. Used alongside PORT by many frameworks and development servers. Defaults to localhost or 0.0.0.0 depending on the framework. Set to 0.0.0.0 to accept connections from all network interfaces.

Provider

Node.js

Category

networking

Set by

Set manually in application configuration

Example

0.0.0.0

A comma-separated list of core Node.js module names to enable debug output for. Valid values include http, net, fs, tls, module, and stream among others. Produces verbose internal debugging information from the specified modules to stderr.

Provider

Node.js

Category

debugging

Set by

Set manually via environment variable

Example

http,net

Specifies the environment in which the Node.js application is running. Common values are development, production, and test. Many frameworks and libraries use this to toggle behavior such as verbose logging, minification, and caching strategies.

Provider

Node.js

Category

runtime

Set by

Set manually in the shell, process manager, or deployment configuration

Example

production

Path to a PEM file containing one or more extra certificate authority certificates to trust when making TLS connections. Used to add corporate or internal CA certificates without modifying the Node.js build. Applied in addition to the default Mozilla CA store.

Provider

Node.js

Category

security

Set by

Set manually via environment variable, pointing to a PEM file

Example

/etc/ssl/certs/corporate-ca.pem

Path to ICU (International Components for Unicode) data for full internationalization support. Required when Node.js is built with the small-icu option and you need full locale support. Points to the directory or .dat file containing ICU data.

Provider

Node.js

Category

internationalization

Set by

Set manually via environment variable, pointing to the ICU data directory

Example

/usr/local/share/icu/icudt72l.dat

When set to 1, suppresses all Node.js process warnings including deprecation warnings, experimental feature warnings, and other runtime warnings. Useful in production environments where warnings have already been addressed.

Provider

Node.js

Category

runtime

Set by

Set manually via environment variable

Example

1

A space-separated list of command-line options that are applied when starting any Node.js process. Allows setting flags like --max-old-space-size, --experimental-specifier-resolution, or --inspect globally without modifying scripts. Not all CLI options are supported.

Provider

Node.js

Category

runtime

Set by

Set manually via environment variable

Example

--max-old-space-size=4096 --enable-source-maps

A colon-delimited (semicolon on Windows) list of directories to search for modules when using require(). Extends the default module resolution algorithm. Rarely needed in modern projects using package managers but useful for legacy applications with non-standard layouts.

Provider

Node.js

Category

runtime

Set by

Set manually via environment variable

Example

/usr/local/lib/node_modules:/app/shared

When set to 1, emits pending deprecation warnings which are off by default. Pending deprecations are warnings for features that will be deprecated in future Node.js versions. Useful for proactive migration before deprecations become active.

Provider

Node.js

Category

runtime

Set by

Set manually via environment variable

Example

1

Path to the file where Node.js REPL command history is stored. Defaults to ~/.node_repl_history. Set to an empty string to disable persistent REPL history. Useful for controlling history storage in shared or restricted environments.

Provider

Node.js

Category

runtime

Set by

Set manually via environment variable

Default

~/.node_repl_history

Example

/home/user/.custom_repl_history

When set to 0, disables TLS certificate verification for all outgoing HTTPS connections. This is extremely insecure and should only be used for local development or debugging. Never use in production as it makes the application vulnerable to man-in-the-middle attacks.

Provider

Node.js

Category

security

Set by

Set manually via environment variable

Default

1

Example

0

Specifies the npm registry URL used for package installation and publishing. Defaults to https://registry.npmjs.org/. Override to use a private registry like Verdaccio, Artifactory, or GitHub Packages for internal packages.

Provider

Node.js

Category

package-manager

Set by

Set via .npmrc file, environment variable, or npm config set command

Default

https://registry.npmjs.org/

Example

https://npm.pkg.github.com

Automatically set by npm when running scripts defined in package.json. Contains the name field from the package's package.json. Available to all scripts and child processes spawned during npm script execution.

Provider

Node.js

Category

package-manager

Set by

Automatically set by npm during script execution

Example

my-package

Automatically set by npm when running scripts, containing the version field from the package's package.json. Useful for embedding version information in build artifacts, logs, or API responses without reading package.json at runtime.

Provider

Node.js

Category

package-manager

Set by

Automatically set by npm during script execution

Example

1.2.3

An authentication token for the npm registry, used for publishing packages and accessing private packages. Typically used in CI/CD environments where interactive npm login is not possible. Can be generated via npm token create or from the npm website.

Provider

Node.js

Category

package-manager

Set by

Generated via npm token create or npm website → Access Tokens

Example

npm_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

The directory where pnpm stores globally installed packages and its own binaries. Should be added to PATH for global packages to be accessible. Defaults to a platform-specific location if not set explicitly.

Provider

Node.js

Category

package-manager

Set by

Set via environment variable or pnpm setup command

Example

/home/user/.local/share/pnpm

A widely used convention for specifying the port number a web server should listen on. Used by virtually every Node.js web framework (Express, Fastify, Koa, etc.) and platform-as-a-service providers. Defaults vary by framework but 3000 is common.

Provider

Node.js

Category

networking

Set by

Set manually or automatically by cloud platforms (Heroku, Railway, Cloud Run, etc.)

Example

3000

Sets the number of threads in the libuv thread pool used for asynchronous I/O operations like file system access, DNS lookups, and crypto operations. Defaults to 4, with a maximum of 1024. Increasing this can improve throughput for I/O-heavy applications.

Provider

Node.js

Category

performance

Set by

Set manually via environment variable (must be set before process starts)

Default

4

Example

16

Overrides the default location where Yarn stores downloaded package tarballs. Useful for controlling disk usage, sharing cache across CI builds, or placing the cache on a faster disk. Defaults to a platform-specific cache directory.

Provider

Node.js

Category

package-manager

Set by

Set via environment variable or yarn config set cache-folder

Example

/tmp/yarn-cache

Specifies the path to one or more Compose files, separated by the OS path separator (: on Linux/macOS, ; on Windows). Allows using alternate file names or merging multiple compose files. Defaults to docker-compose.yml or compose.yml.

Provider

Docker

Category

compose

Set by

Set via environment variable or .env file in the project directory

Example

docker-compose.yml:docker-compose.override.yml

Configures the timeout in seconds for HTTP requests made by Docker Compose to the Docker daemon. Increase this value if you experience timeouts during slow builds or large image pulls. Defaults to 60 seconds.

Provider

Docker

Category

compose

Set by

Set via environment variable

Default

60

Example

120

A comma-separated list of active Compose profiles. Profiles allow you to selectively start services defined in the compose file. Services with matching profile tags will be started, while untagged services always start.

Provider

Docker

Category

compose

Set by

Set via environment variable or the --profile flag on docker compose commands

Example

debug,monitoring

Sets the project name for Docker Compose, which is used as a prefix for container names, network names, and volume names. Defaults to the directory name containing the compose file. Useful for running multiple instances of the same compose setup.

Provider

Docker

Category

compose

Set by

Set via environment variable or the -p flag on docker compose commands

Example

myapp-dev

When set to 1, enables BuildKit as the default builder for docker build commands. BuildKit provides improved build performance, better caching, and features like build secrets and SSH forwarding. Enabled by default in Docker Engine 23.0+.

Provider

Docker

Category

build

Set by

Set via environment variable or Docker daemon configuration

Default

1

Example

1

The path to a directory containing TLS certificates (ca.pem, cert.pem, key.pem) for authenticating with a TLS-secured Docker daemon. Used alongside DOCKER_TLS_VERIFY. Defaults to ~/.docker if not set.

Provider

Docker

Category

security

Set by

Set via environment variable to point to the TLS certificate directory

Default

~/.docker

Example

/home/user/.docker/certs

Enables or disables experimental CLI features. Set to enabled to access experimental commands. In recent Docker versions, most previously experimental features have graduated to stable.

Provider

Docker

Category

configuration

Set by

Set via environment variable or Docker CLI config.json

Default

disabled

Example

enabled

Overrides the default location of the Docker CLI configuration directory. The config directory contains config.json with registry authentication credentials, proxy settings, and other CLI preferences. Defaults to ~/.docker.

Provider

Docker

Category

configuration

Set by

Set via environment variable to use an alternate configuration directory

Default

~/.docker

Example

/tmp/docker-config

When set to 1, enables Docker Content Trust (DCT) which enforces image signing and verification using Notary. With DCT enabled, Docker only pulls and runs images that have been signed by trusted publishers. Disabled by default.

Provider

Docker

Category

security

Set by

Set via environment variable

Default

0

Example

1

Sets the default platform for building and pulling images when the platform is not specified. Useful on Apple Silicon Macs to explicitly pull linux/amd64 images when arm64 variants are not available.

Provider

Docker

Category

configuration

Set by

Set via environment variable

Example

linux/amd64

When set to any non-empty value, hides legacy top-level Docker commands from the help output, showing only the modern management commands (docker container, docker image, etc.). Helps reduce clutter in Docker CLI help output.

Provider

Docker

Category

configuration

Set by

Set via environment variable

Example

1

Specifies the Docker daemon socket to connect to. Defaults to unix:///var/run/docker.sock on Linux and macOS. Override to connect to a remote Docker daemon over TCP or to use a custom socket path for rootless Docker.

Provider

Docker

Category

daemon

Set by

Set via environment variable or Docker context configuration

Default

unix:///var/run/docker.sock

Example

tcp://192.168.1.100:2376

Controls whether Docker displays suggestions to scan images for vulnerabilities after building. Set to false to suppress the scan suggestion messages that appear after docker build completes.

Provider

Docker

Category

configuration

Set by

Set via environment variable

Default

true

Example

false

When set to any non-empty value, enables TLS verification for connections to the Docker daemon. Requires that DOCKER_CERT_PATH points to a directory containing ca.pem, cert.pem, and key.pem files. Essential for securing remote Docker daemon connections.

Provider

Docker

Category

security

Set by

Set via environment variable when connecting to a TLS-secured Docker daemon

Example

1

Overrides the Docker socket path used by the Testcontainers library for integration testing. Necessary when the Docker socket is mounted at a non-standard location, such as when using rootless Docker, Colima, or Podman with a compatibility socket.

Provider

Docker

Category

testing

Set by

Set via environment variable when Docker socket is at a non-standard path

Example

/var/run/docker.sock

Specifies a proxy server for all protocols (HTTP, HTTPS, FTP, etc.). Acts as a fallback when protocol-specific proxy variables like HTTP_PROXY and HTTPS_PROXY are not set. Supports SOCKS proxies in addition to HTTP proxies.

Provider

General / OS

Category

network

Set by

Set manually or via corporate network configuration

Example

socks5://proxy.example.com:1080

Indicates the color capabilities of the terminal. Common values are truecolor (24-bit color support) and 24bit. Used by applications to determine whether they can use full RGB color output or must fall back to 256 or 16 colors.

Provider

General / OS

Category

terminal

Set by

Set by the terminal emulator

Example

truecolor

Specifies the path to a CA certificate bundle file used by curl for TLS verification. Overrides the default certificate store compiled into curl. Useful when working with internal CAs or in environments with custom certificate chains.

Provider

General / OS

Category

security

Set by

Set via environment variable to point to a CA bundle file

Example

/etc/ssl/certs/ca-certificates.crt

Identifies the X11 display server to connect to for graphical applications. The format is [host]:display[.screen], where :0 is the most common value for local displays. Required for X11 applications to render their GUI.

Provider

General / OS

Category

display

Set by

Set by the display manager or SSH with X11 forwarding (-X flag)

Example

:0

Specifies the default text editor for command-line programs. Used by git commit, crontab -e, visudo, and other tools that need to open a text editor. Should be set to a terminal-based editor like vim, nano, or emacs.

Provider

General / OS

Category

tools

Set by

Set in shell profile (~/.bashrc, ~/.zshrc) or /etc/environment

Example

vim

Forces color output in programs that support this convention, overriding automatic terminal detection. Used by many Node.js libraries (chalk, kleur, etc.) and CLI tools. A value of 0 disables color, 1 enables 16 colors, 2 enables 256, and 3 enables truecolor.

Provider

General / OS

Category

terminal

Set by

Set via environment variable

Example

1

Specifies the terminal device for GPG pinentry prompts. Must be set to the current TTY (typically via $(tty)) for GPG to correctly display passphrase prompts. Essential for git commit signing and other GPG operations in terminal sessions.

Provider

General / OS

Category

security

Set by

Set in shell profile: export GPG_TTY=$(tty)

Example

/dev/pts/0

The absolute path to the current user's home directory. Used as the default location for user configuration files, caches, and personal data. On Linux it is typically /home/username, on macOS /Users/username.

Provider

General / OS

Category

system

Set by

Set by the login process based on the user's /etc/passwd entry

Example

/home/johndoe

The network hostname of the current machine. Set by the operating system at boot time. Used for logging, network identification, and constructing URLs. On containers, reflects the container ID or hostname set in the container configuration.

Provider

General / OS

Category

system

Set by

Set by the operating system at boot from /etc/hostname or DHCP

Example

web-server-01

Specifies the proxy server URL for HTTP requests. Used by many command-line tools (curl, wget, apt), package managers (npm, pip), and programming language HTTP clients. The format is typically http://[user:password@]host:port.

Provider

General / OS

Category

network

Set by

Set manually or via corporate network configuration

Example

http://proxy.example.com:8080

Specifies the proxy server URL for HTTPS requests. Most tools check both HTTP_PROXY and HTTPS_PROXY separately. Can point to either an HTTP or HTTPS proxy server. In many environments, this is set to the same value as HTTP_PROXY.

Provider

General / OS

Category

network

Set by

Set manually or via corporate network configuration

Example

http://proxy.example.com:8080

Sets the default locale for all locale categories that are not explicitly set by a more specific LC_* variable. Affects language, character encoding, date/time formatting, and number formatting. The value typically includes language, territory, and encoding.

Provider

General / OS

Category

locale

Set by

Set in /etc/locale.conf, shell profile, or system settings

Example

en_US.UTF-8

Overrides all other LC_* locale variables and LANG. When set, it forces every locale category to use the specified locale. Typically used in scripts to ensure consistent locale behavior regardless of user settings. Use with caution as it overrides all locale preferences.

Provider

General / OS

Category

locale

Set by

Set via environment variable when a consistent locale override is needed

Example

C.UTF-8

Determines the locale used for character classification and case conversion. Affects which characters are considered letters, digits, or whitespace, and how upper/lower case conversions work. Important for proper handling of multibyte character encodings like UTF-8.

Provider

General / OS

Category

locale

Set by

Set via environment variable or system locale configuration

Example

en_US.UTF-8

The login name of the user, set by the login process. On most Unix systems this is identical to USER. Some programs specifically check LOGNAME per POSIX standards for determining the user's identity.

Provider

General / OS

Category

system

Set by

Set by the login process from the user's /etc/passwd entry

Example

johndoe

When set to any non-empty value, disables color output in programs that respect this convention. Part of the no-color.org standard adopted by hundreds of CLI tools and libraries. Takes precedence over FORCE_COLOR in compliant programs.

Provider

General / OS

Category

terminal

Set by

Set via environment variable to any non-empty value

Example

1

A comma-separated list of hostnames, domain suffixes, or IP addresses that should bypass the proxy. Supports wildcards in some implementations. Used to exclude internal services, localhost, and private network addresses from proxy routing.

Provider

General / OS

Category

network

Set by

Set alongside HTTP_PROXY/HTTPS_PROXY

Example

localhost,127.0.0.1,.internal.company.com

The absolute path of the previous working directory. Set automatically by the shell when you change directories. Used by cd - to return to the previous directory. Not set until the first directory change in a session.

Provider

General / OS

Category

system

Set by

Automatically maintained by the shell on directory changes

Example

/home/user

Specifies the default pager program used for displaying long output. Used by man pages, git log, and other commands that produce paginated output. Common values are less, more, and most.

Provider

General / OS

Category

tools

Set by

Set in shell profile or /etc/environment

Default

less

Example

less -R

A colon-delimited list of directories the shell searches for executable programs. When you run a command, the shell checks each directory in PATH from left to right until it finds a matching executable. This is one of the most fundamental environment variables on Unix-like systems.

Provider

General / OS

Category

system

Set by

Set by the shell profile files (~/.bashrc, ~/.zshrc, /etc/environment)

Example

/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin

The absolute path of the current working directory. Updated automatically by the shell when you change directories with cd. Represents the logical path (may include symlinks) rather than the physical path.

Provider

General / OS

Category

system

Set by

Automatically maintained by the shell

Example

/home/user/projects/my-app

The path to a CA certificate bundle file used by the Python requests library and other Python HTTP clients for TLS verification. Overrides the default certifi bundle. Useful in corporate environments with internal certificate authorities.

Provider

General / OS

Category

security

Set by

Set via environment variable to point to a CA bundle file

Example

/etc/ssl/certs/ca-certificates.crt

The absolute path to the user's default login shell as specified in /etc/passwd. Note that this reflects the login shell, not necessarily the currently running shell. Programs use this to determine which shell to launch for the user.

Provider

General / OS

Category

system

Set by

Set by the login process from the user's /etc/passwd entry

Example

/bin/zsh

Tracks the nesting level of shell instances. Incremented by 1 each time a new shell is started. A value of 1 means you are in the login shell; higher values indicate nested shells. Useful for prompt customization and debugging shell nesting issues.

Provider

General / OS

Category

system

Set by

Automatically incremented by the shell on startup

Default

1

Example

2

The process ID of the running SSH authentication agent. Used by ssh-agent -k to terminate the correct agent process. Set automatically when starting ssh-agent via eval $(ssh-agent -s).

Provider

General / OS

Category

ssh

Set by

Set by ssh-agent when started

Example

12345

The Unix socket path for communicating with the SSH authentication agent (ssh-agent). Programs like ssh and git use this to request that the agent perform private key operations without exposing the key material. Required for key-based SSH authentication via the agent.

Provider

General / OS

Category

ssh

Set by

Set by ssh-agent, gpg-agent, or the desktop session manager

Example

/run/user/1000/ssh-agent.sock

The path to a file containing trusted CA certificates in PEM format. Used by OpenSSL and programs that link against it for TLS certificate verification. Setting this overrides the default system certificate store for those applications.

Provider

General / OS

Category

security

Set by

Set via environment variable to point to a PEM certificate file

Example

/etc/ssl/certs/ca-certificates.crt

Identifies the type of terminal emulator being used, which determines how programs output escape sequences for colors, cursor movement, and other terminal features. Common values include xterm-256color, screen-256color, and dumb.

Provider

General / OS

Category

terminal

Set by

Set by the terminal emulator upon launch

Example

xterm-256color

Identifies the terminal emulator program being used. Common values include iTerm.app, Apple_Terminal, vscode, tmux, and WezTerm. Used by applications to enable terminal-specific features like image display or hyperlinks.

Provider

General / OS

Category

terminal

Set by

Set by the terminal emulator on launch

Example

iTerm.app

Specifies the directory for temporary files. Used by programs and libraries as the default location for creating temporary files and directories. Defaults to /tmp if not set. On macOS, set to a per-user temporary directory.

Provider

General / OS

Category

system

Set by

Set by the operating system or manually in the shell environment

Default

/tmp

Example

/tmp

Sets the timezone for the process, affecting how times are displayed and how time-related functions operate. Uses the IANA Time Zone Database identifiers. When not set, the system timezone from /etc/localtime is used.

Provider

General / OS

Category

locale

Set by

Set via environment variable, system settings, or /etc/timezone

Example

America/New_York

The username of the currently logged-in user. Set by the login process and used by various programs to determine the current user's identity. On some systems this is identical to LOGNAME.

Provider

General / OS

Category

system

Set by

Set by the login process or shell initialization

Example

johndoe

Specifies the preferred visual (full-screen) editor. Takes precedence over EDITOR when the program supports visual editing. Some programs check VISUAL first, falling back to EDITOR. Can be set to a GUI editor in graphical environments.

Provider

General / OS

Category

tools

Set by

Set in shell profile (~/.bashrc, ~/.zshrc)

Example

code --wait

Identifies the Wayland compositor socket for graphical applications running under the Wayland display protocol. Typically set to wayland-0. Applications check this to determine whether to use Wayland or fall back to X11 via XWayland.

Provider

General / OS

Category

display

Set by

Set by the Wayland compositor on session start

Example

wayland-0

The base directory for user-specific non-essential cached data, as defined by the XDG Base Directory Specification. Defaults to $HOME/.cache if not set. Applications store cache files that can be regenerated here — deleting this directory should not cause data loss.

Provider

General / OS

Category

xdg

Set by

Set in shell profile or by the desktop environment

Default

$HOME/.cache

Example

/home/user/.cache

The base directory for user-specific configuration files, as defined by the XDG Base Directory Specification. Defaults to $HOME/.config if not set. Applications following the XDG spec store their config files in subdirectories under this path.

Provider

General / OS

Category

xdg

Set by

Set in shell profile or by the desktop environment

Default

$HOME/.config

Example

/home/user/.config

The base directory for user-specific data files, as defined by the XDG Base Directory Specification. Defaults to $HOME/.local/share if not set. Applications store persistent data like databases, history files, and downloaded content here.

Provider

General / OS

Category

xdg

Set by

Set in shell profile or by the desktop environment

Default

$HOME/.local/share

Example

/home/user/.local/share

The base directory for user-specific runtime files like sockets, named pipes, and other non-essential runtime data. Must be owned by the user with 0700 permissions. Created by the login system (typically systemd) and is cleared on logout.

Provider

General / OS

Category

xdg

Set by

Set by the login system (systemd-logind, elogind, or similar)

Example

/run/user/1000

The base directory for user-specific state data that should persist between application restarts but is not important enough for backup. Defaults to $HOME/.local/state. Stores data like log files, command history, and recently used files.

Provider

General / OS

Category

xdg

Set by

Set in shell profile or by the desktop environment

Default

$HOME/.local/state

Example

/home/user/.local/state

The connection name for a Cloud SQL instance in the format project:region:instance. Used by the Cloud SQL Auth Proxy and App Engine to establish secure connections to Cloud SQL databases without exposing them to the public internet.

Provider

Google Cloud

Category

database

Set by

Google Cloud Console → SQL → your instance → Overview → Connection name

Example

my-project:us-central1:my-sql-instance

Overrides the credential file used by the gcloud CLI, taking precedence over the logged-in user's credentials. Useful in CI/CD pipelines where a service account key file should be used instead of user credentials already configured in gcloud.

Provider

Google Cloud

Category

authentication

Set by

Set via environment variable to the path of a credential JSON file

Example

/path/to/service-account-key.json

Sets the default Compute Engine region for the gcloud CLI. Equivalent to running gcloud config set compute/region. Affects commands like gcloud compute instances list that operate on regional resources.

Provider

Google Cloud

Category

configuration

Set by

Set via environment variable or gcloud config set compute/region

Example

us-central1

Sets the default Compute Engine zone for the gcloud CLI. Zones are deployment areas within a region (e.g., us-central1-a). Affects zone-specific commands like VM instance creation.

Provider

Google Cloud

Category

configuration

Set by

Set via environment variable or gcloud config set compute/zone

Example

us-central1-a

Sets the default project for the Google Cloud SDK (gcloud CLI). Equivalent to running gcloud config set project. Part of the CLOUDSDK_* family of environment variables that override gcloud CLI configuration properties.

Provider

Google Cloud

Category

configuration

Set by

Set via environment variable or gcloud config set core/project

Example

my-project-123456

A JSON string containing Firebase configuration automatically set in Cloud Functions for Firebase runtime. Includes project ID, storage bucket, and database URL. Used by the Firebase Admin SDK for automatic initialization without explicit configuration.

Provider

Google Cloud

Category

configuration

Set by

Automatically set by the Cloud Functions for Firebase runtime

Example

{"projectId":"my-project","storageBucket":"my-project.appspot.com","databaseURL":"https://my-project.firebaseio.com"}

A CI token for authenticating Firebase CLI commands in non-interactive environments. Generated via firebase login:ci. Used in CI/CD pipelines for deploying to Firebase Hosting, Cloud Functions, and other Firebase services.

Provider

Google Cloud

Category

authentication

Set by

Generated via firebase login:ci command

Example

1//0abc123def456ghi789jkl012mno345pqr

Specifies the signature type of the Cloud Function — either http for HTTP-triggered functions or event for event-triggered functions, or cloudevent for CloudEvents-based triggers. Used by the Functions Framework to determine how to invoke the function.

Provider

Google Cloud

Category

compute

Set by

Set automatically based on the function's trigger type, or manually for local development

Example

http

Specifies the name of the exported function to invoke in Google Cloud Functions (2nd gen) and Cloud Functions for Firebase. The Functions Framework uses this to determine which function to serve. Required for the Functions Framework to start correctly.

Provider

Google Cloud

Category

compute

Set by

Set in the Cloud Functions deployment configuration or environment

Example

helloWorld

An alternative name for specifying the Google Cloud project ID. Some older libraries and tools use this variable name. GOOGLE_CLOUD_PROJECT is the preferred variable name for newer client libraries and applications.

Provider

Google Cloud

Category

configuration

Set by

Set manually or via gcloud config

Example

my-project-123456

A convention used by some CI/CD tools to store the raw JSON content of a Google Cloud service account key for authentication. Not an official Google variable, but commonly seen in CI/CD documentation for tools like CircleCI and Travis CI.

Provider

Google Cloud

Category

authentication

Set by

Set as a CI/CD secret containing the service account key JSON

Example

{"type":"service_account","project_id":"my-project",...}

A convention used by some CI/CD platforms and tools to store the base64-encoded or raw JSON content of a Google Cloud service account key. Not an official Google variable, but widely adopted in CI/CD configurations for automated deployments.

Provider

Google Cloud

Category

authentication

Set by

Set in CI/CD platform secrets or environment configuration

Example

ewogICJ0eXBlIjogInNlcnZpY2VfYWNjb3VudCIsCiAg...

An application-defined variable specifying the Google Cloud Storage bucket name to use. Not set by Google Cloud itself but widely used as a convention in applications and deployment scripts. Bucket names are globally unique across all GCP projects.

Provider

Google Cloud

Category

storage

Set by

Set manually in application configuration

Example

my-project-assets-prod

An API key for accessing Google APIs that support API key authentication. Simpler than service account authentication but offers less security and fewer permissions. Used for public APIs like Maps, Places, and YouTube Data API.

Provider

Google Cloud

Category

authentication

Set by

Google Cloud Console → APIs & Services → Credentials → Create Credentials → API key

Example

AIzaSyA1234567890abcdefghijklmnopqrstuv

The file path to a Google Cloud service account key JSON file. Used by Google Cloud client libraries for authentication via Application Default Credentials (ADC). This is the most common way to authenticate server-to-server communication with GCP services.

Provider

Google Cloud

Category

authentication

Set by

Set manually to the path of a downloaded service account key JSON file

Example

/path/to/service-account-key.json

Contains the full JSON content of a service account key, as an alternative to referencing a file via GOOGLE_APPLICATION_CREDENTIALS. Used in environments where writing a file is inconvenient, such as certain CI/CD platforms. The entire JSON must be provided as a single string.

Provider

Google Cloud

Category

authentication

Set by

Set via environment variable with the JSON content of the service account key

Example

{"type":"service_account","project_id":"my-project",...}

The Google Cloud project ID to use as the default for API requests. Used by Cloud client libraries when no project is specified in code. Project IDs are globally unique identifiers that you choose when creating a project.

Provider

Google Cloud

Category

configuration

Set by

Set manually or via gcloud config set project

Example

my-project-123456

Specifies the Google Cloud project to bill for API quota and usage when different from the authenticated project. Used for quota attribution in shared environments where multiple teams or services share credentials but need separate billing.

Provider

Google Cloud

Category

configuration

Set by

Set via environment variable or gcloud auth application-default set-quota-project

Example

my-billing-project

The default Google Cloud region for deploying and managing regional resources. Regions are geographic locations (e.g., us-central1, europe-west1) that contain one or more zones. Used by deployment tools and client libraries when no region is specified.

Provider

Google Cloud

Category

configuration

Set by

Set manually in application configuration or CI/CD variables

Example

us-central1

The name of the Cloud Run configuration that created the current revision. The configuration holds the template for creating revisions. In most cases, this matches the service name.

Provider

Google Cloud

Category

compute

Set by

Automatically set by the Cloud Run runtime

Example

my-api-service

The name of the Cloud Run revision currently being executed. Revisions are immutable snapshots of a Cloud Run service. Each deployment creates a new revision. Useful for identifying which version of the code is running.

Provider

Google Cloud

Category

compute

Set by

Automatically set by the Cloud Run runtime

Example

my-api-service-00042-abc

The name of the Cloud Run service currently being executed. Set automatically by the Cloud Run runtime. Used for logging, tracing, and constructing URLs. Available in both Cloud Run services and Cloud Run jobs.

Provider

Google Cloud

Category

compute

Set by

Automatically set by the Cloud Run runtime

Example

my-api-service

The port that Cloud Run injects for your container to listen on. Cloud Run sets this to 8080 by default. Your HTTP server must listen on this port to receive requests. This is distinct from the general PORT convention — on Cloud Run it is always set by the platform.

Provider

Google Cloud

Category

compute

Set by

Automatically set by the Cloud Run runtime

Default

8080

Example

8080

An application-defined variable specifying the Google Cloud Pub/Sub subscription name for consuming messages. Subscriptions are attached to topics and can be pull-based or push-based. Each message is delivered to each subscription at least once.

Provider

Google Cloud

Category

messaging

Set by

Set manually in application configuration

Example

my-events-subscription

An application-defined variable specifying the Google Cloud Pub/Sub topic name to publish messages to. Pub/Sub provides asynchronous messaging between services. The full topic path is projects/{project}/topics/{topic}.

Provider

Google Cloud

Category

messaging

Set by

Set manually in application configuration

Example

my-events-topic

A comma-separated list of Cassandra node addresses used as initial contact points for the driver to discover the cluster topology. The driver connects to these nodes first, then discovers the rest of the cluster via gossip protocol.

Provider

Databases

Category

cassandra

Set by

Set manually with one or more Cassandra node addresses

Example

cassandra-node1.example.com,cassandra-node2.example.com

A universal database connection string following the URI format protocol://user:password@host:port/database. Used by ORMs (Prisma, Sequelize, SQLAlchemy, ActiveRecord) and database drivers as the primary connection configuration. Supports PostgreSQL, MySQL, SQLite, and other databases.

Provider

Databases

Category

connection

Set by

Set manually in application configuration or provided by PaaS platforms (Heroku, Railway, Render)

Example

postgresql://user:password@localhost:5432/mydb?sslmode=require

The URL of the Elasticsearch cluster endpoint. Used by Elasticsearch client libraries to connect to the search engine. Supports both http:// and https:// schemes. May include authentication credentials in the URL or use separate authentication configuration.

Provider

Databases

Category

search

Set by

Set manually or provided by Elastic Cloud or hosting platform

Example

https://my-cluster.es.us-east-1.aws.elastic.cloud:9243

An alternative name for the MongoDB connection URI, commonly used by Meteor.js and some older Node.js applications. Functionally identical to MONGODB_URI. The naming convention varies by framework and platform.

Provider

Databases

Category

mongodb

Set by

Set manually or provided by hosting platform

Example

mongodb://user:password@localhost:27017/mydb

The MongoDB connection string following the mongodb:// or mongodb+srv:// URI format. Includes authentication credentials, host information, and connection options. Used by the MongoDB Node.js driver, Mongoose, and other MongoDB client libraries.

Provider

Databases

Category

mongodb

Set by

Set manually or provided by MongoDB Atlas or PaaS platforms

Example

mongodb+srv://user:password@cluster0.abc123.mongodb.net/mydb?retryWrites=true&w=majority

The system administrator (SA) password for Microsoft SQL Server. Required by the official SQL Server Docker image to initialize the database on first startup. Must meet SQL Server password complexity requirements: at least 8 characters including uppercase, lowercase, digits, and symbols.

Provider

Databases

Category

mssql

Set by

Set in Docker Compose or container environment for SQL Server initialization

Example

YourStr0ng!Passw0rd

The name of the MySQL database to use. In the official MySQL Docker image, this variable causes the specified database to be created on first startup if it does not exist. Used by applications and ORMs to select the target database.

Provider

Databases

Category

mysql

Set by

Set manually or in Docker Compose for the MySQL container

Example

myapp_production

The hostname or IP address of the MySQL server. Used by the official MySQL client libraries and many ORMs. Defaults to localhost if not set. For Docker MySQL containers, this is commonly set to the container service name.

Provider

Databases

Category

mysql

Set by

Set manually or via platform environment configuration

Default

localhost

Example

mysql.example.com

The password for the MySQL user specified by MYSQL_USER. In the official MySQL Docker image, this sets the password for the newly created user. Should be stored securely using secrets management in production environments.

Provider

Databases

Category

mysql

Set by

Set manually or via secrets management

Example

my-secret-password

The port number for the MySQL server connection. The standard MySQL port is 3306. Override when the MySQL instance runs on a non-standard port or when port mapping is in use with containers.

Provider

Databases

Category

mysql

Set by

Set manually if the MySQL server uses a non-default port

Default

3306

Example

3306

Sets the root password for a MySQL server. Required by the official MySQL Docker image on first startup to initialize the root account. One of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD, or MYSQL_RANDOM_ROOT_PASSWORD must be specified.

Provider

Databases

Category

mysql

Set by

Set in Docker Compose or container environment for MySQL initialization

Example

root-secret-password

The username for MySQL authentication. In the official MySQL Docker image, this creates a new user with GRANT ALL privileges on the database specified by MYSQL_DATABASE. Must be used together with MYSQL_PASSWORD.

Provider

Databases

Category

mysql

Set by

Set manually or in Docker Compose environment configuration

Example

app_user

The maximum time in seconds to wait for a connection to the PostgreSQL server. If the connection cannot be established within this time, the attempt is aborted. Useful for detecting unreachable database servers quickly in health checks and startup probes.

Provider

Databases

Category

postgresql

Set by

Set manually to configure connection timeout behavior

Default

0 (wait indefinitely)

Example

10

The name of the PostgreSQL database to connect to. If not set, libpq defaults to a database matching the current username. Used alongside PGHOST, PGPORT, PGUSER, and PGPASSWORD for parameterized PostgreSQL connections.

Provider

Databases

Category

postgresql

Set by

Set manually or via platform environment configuration

Example

myapp_production

The hostname or IP address of the PostgreSQL server. Used by the libpq client library and all drivers that build on it (psycopg2, node-postgres, etc.). Defaults to connecting via a local Unix socket if not set.

Provider

Databases

Category

postgresql

Set by

Set manually or via platform environment configuration

Example

db.example.com

The password for PostgreSQL authentication. While convenient for development and scripting, PostgreSQL documentation discourages its use in production due to security concerns — prefer .pgpass files or connection URIs stored in secrets managers instead.

Provider

Databases

Category

postgresql

Set by

Set manually; prefer .pgpass file or secrets manager for production

Example

my-secret-password

The port number to connect to on the PostgreSQL server. Defaults to 5432 if not set. Used by the libpq client library and all PostgreSQL drivers. Override when your PostgreSQL instance runs on a non-standard port.

Provider

Databases

Category

postgresql

Set by

Set manually if the PostgreSQL server uses a non-default port

Default

5432

Example

5432

Controls the SSL/TLS behavior for PostgreSQL connections. Common values are disable, require, verify-ca, and verify-full. Cloud-hosted PostgreSQL services typically require at minimum require. The verify-full mode provides the strongest security by verifying both the certificate and hostname.

Provider

Databases

Category

postgresql

Set by

Set manually based on security requirements

Default

prefer

Example

require

The username for PostgreSQL authentication. If not set, libpq defaults to the operating system username. Used by all PostgreSQL client libraries that respect libpq environment variables.

Provider

Databases

Category

postgresql

Set by

Set manually or via platform environment configuration

Example

app_user

The hostname or IP address of the Redis server. Used by Redis client libraries as a parameterized alternative to REDIS_URL. Defaults to localhost (127.0.0.1) in most Redis clients when not set.

Provider

Databases

Category

redis

Set by

Set manually or via platform environment configuration

Default

127.0.0.1

Example

redis.example.com

The password for authenticating with a Redis server using the AUTH command. Required when Redis is configured with requirepass. Used alongside REDIS_HOST and REDIS_PORT for parameterized Redis connections.

Provider

Databases

Category

redis

Set by

Set manually or via secrets management

Example

my-redis-password

The port number for the Redis server connection. The standard Redis port is 6379. TLS-enabled Redis instances often use port 6380. Override when the Redis instance runs on a non-standard port.

Provider

Databases

Category

redis

Set by

Set manually if the Redis server uses a non-default port

Default

6379

Example

6379

The Redis connection URL following the redis:// or rediss:// (TLS) URI format. Includes authentication credentials, host, port, and database number. Used by Redis client libraries across all languages and commonly provided by Redis hosting services.

Provider

Databases

Category

redis

Set by

Set manually or provided by Redis hosting services (Redis Cloud, Upstash, etc.)

Example

rediss://default:password@redis.example.com:6380/0

An application-defined variable specifying the file path to a SQLite database file. SQLite is a serverless, file-based database engine. The special value :memory: creates an in-memory database that does not persist to disk.

Provider

Databases

Category

sqlite

Set by

Set manually in application configuration

Example

/var/data/myapp.db

The build number for the current Jenkins build, incrementing with each new build of the job. Also set by some other CI systems. Used for versioning artifacts, tagging Docker images, and tracking build progression over time.

Provider

CI/CD

Category

jenkins

Set by

Automatically set by Jenkins (and some other CI systems)

Example

42

The full URL of the current Jenkins build, providing a direct link to the build's page in the Jenkins UI. Useful for including in notifications, comments, and deployment logs to link back to the build details.

Provider

CI/CD

Category

jenkins

Set by

Automatically set by Jenkins

Example

https://jenkins.example.com:8080/job/my-project/42/

A widely-adopted convention set to true by most CI/CD platforms to indicate that code is running in a continuous integration environment. Used by build tools, test frameworks, and package managers to adjust behavior — for example, disabling interactive prompts and enabling non-interactive mode.

Provider

CI/CD

Category

general

Set by

Automatically set by CI/CD platforms (GitHub Actions, GitLab CI, Jenkins, CircleCI, etc.)

Example

true

The branch or tag name for which the GitLab CI/CD pipeline is running. For branches, contains the branch name (e.g., main). For tags, contains the tag name (e.g., v1.0.0). Used for conditional deployment logic.

Provider

CI/CD

Category

gitlab-ci

Set by

Automatically set by GitLab CI/CD

Example

main

The full commit SHA being built in a GitLab CI/CD pipeline. Used for tagging Docker images, creating release artifacts, and tracking which exact commit a build corresponds to.

Provider

CI/CD

Category

gitlab-ci

Set by

Automatically set by GitLab CI/CD

Example

ffac537e6cbbf934b08745a378932722df287a53

A temporary token generated for each GitLab CI/CD job, used to authenticate with the GitLab API, container registry, and package registry. The token has the same permissions as the user who triggered the pipeline and expires when the job completes.

Provider

CI/CD

Category

gitlab-ci

Set by

Automatically generated by GitLab CI/CD for each job

Example

64_xxxxxxxxxxxxxxxxxx

The unique ID of the current GitLab CI/CD pipeline. Unique across all projects on the GitLab instance. Used for tracking builds, generating unique artifact names, and linking to the pipeline in the GitLab UI.

Provider

CI/CD

Category

gitlab-ci

Set by

Automatically set by GitLab CI/CD

Example

123456

The full path to the directory where the repository is cloned in a GitLab CI/CD job. This is the working directory for all job commands unless explicitly changed. Build artifacts and test outputs are relative to this path.

Provider

CI/CD

Category

gitlab-ci

Set by

Automatically set by GitLab CI/CD

Example

/builds/my-group/my-project

The name of the Git branch being built in CircleCI. Only set for branch-triggered builds, not for tag-triggered builds or API-triggered pipelines. Used for conditional deployment logic and branch-specific build behavior.

Provider

CI/CD

Category

circleci

Set by

Automatically set by CircleCI for branch builds

Example

feature/new-feature

The number of the current CircleCI build, incrementing for each new job run. Unique within the project. Used for versioning, artifact naming, and tracking build history across deployments.

Provider

CI/CD

Category

circleci

Set by

Automatically set by CircleCI

Example

456

Set to true when running in a CircleCI environment. Used to detect CircleCI specifically. All CircleCI jobs also set CI=true. Enables CircleCI-specific behavior in build scripts and test configurations.

Provider

CI/CD

Category

circleci

Set by

Automatically set by CircleCI

Example

true

The unique URL for the current Netlify deploy. Each deploy gets a permanent URL that does not change, even after new deploys. Useful for deploy previews, testing, and rollback scenarios. Different from the production URL.

Provider

CI/CD

Category

netlify

Set by

Automatically set by Netlify for each deploy

Example

https://6789abcdef--my-site.netlify.app

Set to true when running in GitHub Actions. Used to detect the GitHub Actions environment specifically, as CI is also set by many other platforms. Always true during any GitHub Actions workflow run.

Provider

CI/CD

Category

github-actions

Set by

Automatically set by GitHub Actions

Example

true

The username of the person or app that triggered the workflow. For pull requests, this is the user who opened or pushed to the PR. For scheduled workflows, this is the repository owner. Useful for audit logging and notifications.

Provider

CI/CD

Category

github-actions

Set by

Automatically set by GitHub Actions

Example

octocat

The URL of the GitHub REST API. Defaults to https://api.github.com for github.com. Different for GitHub Enterprise Server. Used when making direct API calls from workflow scripts.

Provider

CI/CD

Category

github-actions

Set by

Automatically set by GitHub Actions

Default

https://api.github.com

Example

https://api.github.com

The base ref (target branch) of a pull request. Only set for pull_request and pull_request_target events. Contains just the branch name (e.g., main) without the refs/heads/ prefix. Used to determine what branch the PR will merge into.

Provider

CI/CD

Category

github-actions

Set by

Automatically set by GitHub Actions for pull request events only

Example

main

The path to a file used to set environment variables for subsequent steps in a GitHub Actions job. Write key=value pairs to this file to make variables available to all later steps. Replaced the deprecated set-env command.

Provider

CI/CD

Category

github-actions

Set by

Automatically set by GitHub Actions to a temporary file path

Example

/home/runner/work/_temp/_runner_file_commands/set_env_abc123

The name of the event that triggered the workflow, such as push, pull_request, schedule, or workflow_dispatch. Used for conditional logic in workflow steps to handle different trigger types differently.

Provider

CI/CD

Category

github-actions

Set by

Automatically set by GitHub Actions based on the triggering event

Example

push

The head ref (source branch) of a pull request. Only set for pull_request and pull_request_target events. Contains just the branch name (e.g., feature/my-branch) without the refs/heads/ prefix.

Provider

CI/CD

Category

github-actions

Set by

Automatically set by GitHub Actions for pull request events only

Example

feature/my-branch

The path to a file used to set step outputs in GitHub Actions. Steps write key=value pairs to this file to pass data to subsequent steps. Replaced the deprecated set-output command. Use echo 'key=value' >> $GITHUB_OUTPUT.

Provider

CI/CD

Category

github-actions

Set by

Automatically set by GitHub Actions to a temporary file path

Example

/home/runner/work/_temp/_runner_file_commands/set_output_abc123

The fully qualified ref that triggered the workflow, such as refs/heads/main for branch pushes, refs/tags/v1.0.0 for tag pushes, or refs/pull/42/merge for pull requests. Use GITHUB_HEAD_REF and GITHUB_BASE_REF for PR-specific branch names.

Provider

CI/CD

Category

github-actions

Set by

Automatically set by GitHub Actions based on the triggering event

Example

refs/heads/main

The owner and repository name in the format owner/repo. Used to construct API URLs, clone URLs, and reference the repository in scripts. Available in all GitHub Actions workflow runs.

Provider

CI/CD

Category

github-actions

Set by

Automatically set by GitHub Actions

Example

octocat/hello-world

A unique number for each workflow run within a repository. Does not change on re-runs of the same workflow. Useful for constructing URLs to the workflow run page and for deduplicating artifacts or deployments.

Provider

CI/CD

Category

github-actions

Set by

Automatically set by GitHub Actions

Example

1658821493

The URL of the GitHub server. Defaults to https://github.com for github.com and varies for GitHub Enterprise Server installations. Used for constructing URLs to repositories, commits, and other GitHub resources.

Provider

CI/CD

Category

github-actions

Set by

Automatically set by GitHub Actions

Default

https://github.com

Example

https://github.com

The commit SHA that triggered the workflow. For push events, this is the pushed commit. For pull request events, this is the merge commit SHA. Use this for tagging artifacts, creating releases, or any operation that needs to reference the exact commit.

Provider

CI/CD

Category

github-actions

Set by

Automatically set by GitHub Actions

Example

ffac537e6cbbf934b08745a378932722df287a53

An automatically generated token for authenticating GitHub API requests within a workflow. Scoped to the repository running the workflow with configurable permissions. The token expires when the job finishes. Avoids the need for personal access tokens in most CI/CD scenarios.

Provider

CI/CD

Category

github-actions

Set by

Automatically generated by GitHub Actions for each workflow run

Example

ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

The name of the workflow as defined in the workflow YAML file. Used for logging and to identify which workflow is running when a repository has multiple workflows. Matches the name field at the top of the workflow file.

Provider

CI/CD

Category

github-actions

Set by

Automatically set by GitHub Actions from the workflow file name field

Example

CI

The default working directory on the runner for steps in a job. The checkout action clones the repository into this directory. The path is reset for each job in a workflow and is typically /home/runner/work/{repo}/{repo}.

Provider

CI/CD

Category

github-actions

Set by

Automatically set by GitHub Actions

Example

/home/runner/work/hello-world/hello-world

Set to true when running in GitLab CI/CD pipelines. Used to detect the GitLab CI environment. All GitLab CI/CD jobs have this variable set, along with CI. Enables environment-specific behavior in build scripts.

Provider

CI/CD

Category

gitlab-ci

Set by

Automatically set by GitLab CI/CD

Example

true

The absolute path to the Jenkins home directory on the controller, where Jenkins stores its configuration, job definitions, and build data. Available in all Jenkins builds and useful for referencing shared resources or configuration files.

Provider

CI/CD

Category

jenkins

Set by

Automatically set by Jenkins

Example

/var/lib/jenkins

The full URL of the Jenkins server, including the port number. Set automatically in all Jenkins builds. Used to construct URLs to build results, API endpoints, and for integrating with external services that need to call back to Jenkins.

Provider

CI/CD

Category

jenkins

Set by

Automatically set by Jenkins

Example

https://jenkins.example.com:8080/

The name of the Jenkins job currently being executed, including the folder path if the job is inside a folder. Useful for conditional logic based on which job is running and for constructing unique artifact identifiers.

Provider

CI/CD

Category

jenkins

Set by

Automatically set by Jenkins

Example

my-folder/my-project

Set to true when the build is running on Netlify. Used to detect the Netlify environment. Allows build scripts and application code to apply Netlify-specific configuration and behavior adjustments.

Provider

CI/CD

Category

netlify

Set by

Automatically set by Netlify during builds

Example

true

Set to true when running in Travis CI. Used to detect the Travis CI environment. Travis CI also sets CI=true. Enables Travis-specific build configurations and conditional steps.

Provider

CI/CD

Category

travis-ci

Set by

Automatically set by Travis CI

Example

true

The name of the branch being built in Travis CI. For push builds, this is the branch that was pushed. For pull request builds, this is the base branch the PR targets. Used for branch-specific deployment logic.

Provider

CI/CD

Category

travis-ci

Set by

Automatically set by Travis CI

Example

main

Set to 1 when the application is running on Vercel's platform. Used to detect the Vercel deployment environment. Useful for platform-specific logic and adapting application behavior for Vercel's serverless infrastructure.

Provider

CI/CD

Category

vercel

Set by

Automatically set by Vercel during builds and at runtime

Example

1

The Vercel environment the deployment is running in — production, preview, or development. Used to adjust application behavior based on the deployment target. Production deployments use the primary domain, while preview deployments get unique URLs.

Provider

CI/CD

Category

vercel

Set by

Automatically set by Vercel based on the deployment context

Example

production

The URL of the current Vercel deployment, without the protocol prefix. Each deployment gets a unique URL. Useful for constructing absolute URLs for Open Graph tags, sitemaps, and API endpoints. Does not include the custom domain.

Provider

CI/CD

Category

vercel

Set by

Automatically set by Vercel for each deployment

Example

my-project-abc123.vercel.app