Claude-code-plugins-plus-skills managing-environment-configurations
install
source · Clone the upstream repo
git clone https://github.com/jeremylongshore/claude-code-plugins-plus-skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/jeremylongshore/claude-code-plugins-plus-skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/plugins/devops/environment-config-manager/skills/managing-environment-configurations" ~/.claude/skills/jeremylongshore-claude-code-plugins-plus-skills-managing-environment-configurati-10c489 && rm -rf "$T"
manifest:
plugins/devops/environment-config-manager/skills/managing-environment-configurations/SKILL.mdsource content
Managing Environment Configurations
Overview
Manage application configurations across development, staging, and production environments using
.envPrerequisites
- Access to all target environments (dev, staging, production)
- Configuration management tool or pattern identified (dotenv, ConfigMaps, SSM, Consul)
- Version control for configuration files (separate repo or encrypted in application repo)
- Encryption tool for sensitive values (
,sops
,age
, or cloud KMS)sealed-secrets - Understanding of which values differ between environments vs. which are shared
Instructions
- Audit existing configuration: scan for
files,.env
directories, Kubernetes ConfigMaps, and hardcoded values in source codeconfig/ - Classify each configuration value: public (non-sensitive, varies per env), secret (credentials, API keys), and static (same across all envs)
- Extract hardcoded values into externalized configuration with a clear naming convention (
,APP_DATABASE_HOST
)APP_REDIS_URL - Create environment-specific configuration files:
,.env.development
,.env.staging.env.production - Encrypt sensitive values using
with cloud KMS orsops
for Kubernetessealed-secrets - Generate Kubernetes ConfigMaps and Secrets from environment files for cluster-based deployments
- Set up configuration validation: schema checks to ensure all required variables are present before deployment
- Implement promotion workflow: changes go to dev first, then promote to staging after testing, then to production with approval
- Add configuration drift detection: compare running environment against source-of-truth on a schedule
Output
- Environment-specific configuration files (
,.env.*
)config/*.yaml - Kubernetes ConfigMap and Secret manifests per environment
- Configuration schema/validation script to catch missing variables
- SOPS-encrypted secret files with
rules.sops.yaml - CI/CD pipeline steps for configuration validation and deployment
Error Handling
| Error | Cause | Solution |
|---|---|---|
| Variable defined in schema but absent from | Add the variable to the environment file; run validation script before deploy |
| Wrong KMS key or expired credentials | Verify KMS key ARN in |
| Kubernetes 1MB ConfigMap size limit exceeded | Split into multiple ConfigMaps or mount as files from a volume |
| Manual changes made directly to running environment | Re-apply configuration from source-of-truth; block direct environment edits |
| Application logging sensitive config values at startup | Mask secrets in logging output; audit code for accidental secret printing |
Examples
- "Create an environment configuration system using
files for a Node.js app with SOPS encryption for secrets and validation that all required vars are set.".env - "Generate Kubernetes ConfigMaps and Secrets from environment files for dev, staging, and production namespaces."
- "Set up a configuration promotion workflow: edit in dev, validate in CI, promote to staging via PR, deploy to production with approval gate."
Resources
- 12-Factor App config: https://12factor.net/config
- SOPS encryption: https://github.com/getsops/sops
- Kubernetes ConfigMaps: https://kubernetes.io/docs/concepts/configuration/configmap/
- Sealed Secrets: https://github.com/bitnami-labs/sealed-secrets
- Consul KV: https://developer.hashicorp.com/consul/docs/dynamic-app-config/kv