Runtime Env Whitelisting
BuildPad DaaS exposes runtime environment values to automation code through a strict allowlist model.
This feature is environment-variable only:
- No database configuration
- No settings UI
- Controlled entirely by deployment env vars
Configuration Variables
| Variable | Scope | Format |
|---|---|---|
RUNTIME_ENV_WHITELIST_GLOBAL | Shared across all runtimes | Comma-separated keys |
RUNTIME_ENV_WHITELIST_EXTENSION | Runtime extensions only | Comma-separated keys |
RUNTIME_ENV_WHITELIST_CRON | Cron jobs only | Comma-separated keys |
RUNTIME_ENV_WHITELIST_CUSTOM_SERVICE | Custom services only | Comma-separated keys |
Example:
RUNTIME_ENV_WHITELIST_GLOBAL=API_BASE_URL,APP_REGION
RUNTIME_ENV_WHITELIST_EXTENSION=WEBHOOK_SIGNING_SALT
RUNTIME_ENV_WHITELIST_CRON=DIGEST_WINDOW_MINUTES
RUNTIME_ENV_WHITELIST_CUSTOM_SERVICE=SLACK_TOKENPrefix-Based Exposure
You can expose values by prefixing real runtime env vars:
| Prefix | Scope |
|---|---|
RUNTIME_PUBLIC_ | Shared across all runtimes |
EXTENSION_PUBLIC_ | Runtime extensions only |
CRON_PUBLIC_ | Cron jobs only |
CUSTOM_SERVICE_PUBLIC_ | Custom services only |
Example:
RUNTIME_PUBLIC_SITE_URL=https://daas.example.com
CRON_PUBLIC_BATCH_SIZE=500In runtime code these become:
SITE_URLBATCH_SIZE(cron only)
How To Use In Code
Runtime extension hook
Extension code receives services as a top-level variable (same object available as context.services):
export async function handler(payload, meta, context, services) {
const apiBase = services.env.API_BASE_URL;
// Equivalently:
// const apiBase = context.services.env.API_BASE_URL;
// context.env does NOT exist in extensions
// ...
return payload;
}Cron job
Cron code receives context (job metadata: jobId, jobName, runId, etc.) and services. Use services.env:
async function run(context, services) {
const batch = Number(services.env.BATCH_SIZE || '100');
// context.env does NOT exist in cron jobs
// ...
}Custom service
Custom service code receives a single context argument. Use context.env:
export async function notify(channel, message) {
const token = context.env.SLACK_TOKEN;
// context.services.env also works
// const token = context.services.env.SLACK_TOKEN;
// There is no bare `services` variable in custom service code
// ...
}Key Format Rules
- Key names must match
[A-Z][A-Z0-9_]*(uppercase, digits, underscores). - Invalid names are silently ignored.
- Duplicate entries are deduplicated.
Docker Example
environment:
- RUNTIME_ENV_WHITELIST_GLOBAL=API_BASE_URL,APP_REGION
- RUNTIME_ENV_WHITELIST_CUSTOM_SERVICE=SLACK_TOKEN
- RUNTIME_PUBLIC_SITE_URL=https://daas.example.com
- CUSTOM_SERVICE_PUBLIC_EMAIL_PROVIDER=sesSee Environment Variables for the full configuration reference.
Last updated on