Add a new environment variable to the backend the right way — boot-time validation, .env.example documentation, and typed access. Use when introducing any new backend config/secret/flag.
Instalação
Instalar com Codex ou Claude Copie este prompt, cole no Codex, Claude ou outro assistente e deixe que ele revise a página da skill e instale para você.
Add a new environment variable to the backend the right way — boot-time validation, .env.example documentation, and typed access. Use when introducing any new backend config/secret/flag.
Add a backend env var
Backend env is validated at boot (fail-fast) in src/config/env.validation.ts.
A misconfigured/missing required var must crash startup, not fail silently later.
Steps
Declare + validate in src/config/env.validation.ts on the
EnvironmentVariables class:
Required: @IsString() (no @IsOptional). Add stronger checks where it
matters: @MinLength(32) for keys, @IsUrl(...), @IsNumber(), @IsEnum(...).
Optional: add @IsOptional() and a sensible default (= '...').
Add a one-line comment explaining what it's for / how to generate it.
Document in .env.example with a comment and a working dev placeholder.
⚠️ If the var is required, the placeholder MUST satisfy validation so a fresh
cp .env.example .env boots (e.g. a ≥32-char string for a key). Mark clearly to
change it for prod.
Access via ConfigService.get<T>('NAME') (injected), or process.env.NAME
in non-DI spots (guards/services already do this) — handle the
not-configured case (fail-closed in production where it's a security control).
Secrets: never log them; if it's a token/credential consider encrypting at
rest (EncryptionService). Ensure it's covered by .gitignore if it lands in a file.
Update backend/AGENTS.md's "Required env" list if the var is required.