envshed push
Push secrets from a local .env file to Envshed.
Usage
envshed push [-o <org>] [-p <project>] [-e <env>] [-f <path>] [--force]
Options
| Flag | Description | Default |
|---|---|---|
-o, --org <slug> | Organization slug | From config |
-p, --project <slug> | Project slug | From config |
-e, --env <slug> | Environment slug | From config |
-f, --file <path> | Input file path | .env |
--force | Overwrite without checking for changes |
Safe push
By default, the CLI fetches remote secrets and compares them with your local file. If any remote values would be modified or keys are missing from your local file, it aborts:
Push aborted. The following remote changes were detected:
~ API_KEY (will be modified)
- OLD_SECRET (not in local file, will be kept remotely)
Run with --force to push anyway.
Keys present in the remote but missing from your local file are not deleted — they are kept remotely. Only the values you provide are updated or created.
Examples
# Push from .env (default)
envshed push
# Push from a specific file
envshed push -f .env.local
# Force push (skip change detection)
envshed push --force
# Push to a specific environment
envshed push -e staging