Quickstart

This guide walks you through the complete flow: authenticating, configuring a project, and working with secrets.

1. Log in

envshed login

Follow the browser flow to authorize the CLI.

2. Initialize a project

Navigate to your project directory and create a .envshed.json config file:

cd ~/my-app
envshed init -o my-org -p my-project -e development

This creates .envshed.json:

{
  "org": "my-org",
  "project": "my-project",
  "defaultEnv": "development"
}

Now all CLI commands will use these defaults — no need to pass flags every time.

3. Pull secrets

Download your secrets to a .env file:

envshed pull

This creates (or updates) a .env file in your project root. If the file already exists and secrets would be modified or deleted, the CLI will warn you and abort. Use --force to overwrite:

envshed pull --force

4. Push secrets

Upload secrets from a local .env file:

envshed push

Like pull, the CLI checks for changes before overwriting remote secrets. Use --force to skip the check.

5. Run with injected secrets

Run any command with your secrets injected as environment variables — without writing a .env file:

envshed run -- npm start

6. Switch environments

Change the active environment:

envshed env staging

Then pull/push/run will use the new environment:

envshed pull   # now pulls from staging

7. Check your context

See the current org, project, and environment:

envshed branch

Output:

  org:     my-org
  project: my-project
  env:     staging

1. Log in​

2. Initialize a project​

3. Pull secrets​

4. Push secrets​

5. Run with injected secrets​

6. Switch environments​

7. Check your context​