AgentSkillsCN

configuration

实施配置管理模式,包括环境变量、密钥、功能标志与校验策略。在设置应用配置、管理特定于环境的参数、实施功能标志、安全存储密钥,或在启动时对配置进行校验时,可使用此技能。

SKILL.md
--- frontmatter
name: "configuration"
description: 'Implement configuration management patterns including environment variables, secrets, feature flags, and validation strategies. Use when setting up app configuration, managing environment-specific settings, implementing feature flags, storing secrets securely, or validating configuration at startup.'
metadata:
  author: "AgentX"
  version: "1.0.0"
  created: "2025-01-15"
  updated: "2025-01-15"

Configuration Management

Purpose: Manage application configuration securely across environments.
Goal: Externalized config, no hardcoded secrets, fail-fast validation.
Note: For implementation, see C# Development or Python Development.


Prerequisites

  • Understanding of environment variables
  • Access to a secrets manager for production

Decision Tree

code
Configuration concern?
├─ Where to store?
│   ├─ Secrets (passwords, API keys) → Vault / secrets manager
│   ├─ Environment-specific → Environment variables
│   ├─ App defaults → Config file (appsettings.json, .env.example)
│   └─ Feature flags → Remote config service
├─ How to validate?
│   ├─ Required values? → Fail fast at startup (not at first use)
│   ├─ Typed values? → Parse + validate on load
│   └─ Schema validation? → Use config class / Pydantic model
└─ Multiple environments?
    ├─ Use layered config: base + environment override
    └─ NEVER commit .env files (use .env.example as template)

Configuration Hierarchy

code
Priority (highest to lowest):
  1. Command-line arguments
  2. Environment variables
  3. Environment-specific config files
  4. Base config files
  5. Default values in code

Principle: Higher priority sources override lower ones.


Environment Variables

When to Use

Environment Variables For:

  • Secrets (API keys, passwords, connection strings)
  • Environment-specific URLs (API endpoints)
  • Feature toggles that change per environment
  • Cloud provider credentials

Config Files For:

  • Structured configuration (nested settings)
  • Default values
  • Non-sensitive settings
  • Documentation of available options

Best Practices

code
✅ DO:
  - Use descriptive names: DATABASE_URL, API_KEY, FEATURE_NEW_UI_ENABLED
  - Prefix with app name for namespacing: MYAPP_DATABASE_URL
  - Document all required environment variables
  - Provide sensible defaults where safe
  - Validate on startup (fail fast)

❌ DON'T:
  - Hardcode secrets in code or config files
  - Commit .env files to version control
  - Use environment variables for complex nested config
  - Leave required variables undocumented

Best Practices Summary

PracticeDescription
Externalize configNo config in code, all external
Fail fastValidate all required config at startup
Use secrets managerNever commit secrets to version control
Type safetyUse strongly-typed config classes
Default valuesProvide sensible defaults where safe
DocumentList all config options and their purpose
Environment paritySame config structure across all environments
Immutable configDon't change config at runtime

Configuration Libraries

LanguageLibraries
.NETIConfiguration, IOptions<T>, Azure Key Vault SDK
Pythonpython-dotenv, pydantic-settings, boto3 (AWS)
Node.jsdotenv, convict, config
JavaSpring Config, Apache Commons Configuration
Goviper, envconfig

See Also: SecurityC# DevelopmentPython Development

Troubleshooting

IssueSolution
Config not loading in productionCheck environment variable names match, verify config file is deployed
Secrets exposed in config filesUse secrets manager or user-secrets for development, never commit secrets
Feature flag not togglingCheck flag evaluation context, verify flag provider connection

References