Skip to Content
Self-HostingRuntime Env Whitelisting

Runtime Env Whitelisting

BuildPad DaaS exposes runtime environment values to automation code through a strict allowlist model.

This feature is environment-variable only:

  • No database configuration
  • No settings UI
  • Controlled entirely by deployment env vars

Configuration Variables

VariableScopeFormat
RUNTIME_ENV_WHITELIST_GLOBALShared across all runtimesComma-separated keys
RUNTIME_ENV_WHITELIST_EXTENSIONRuntime extensions onlyComma-separated keys
RUNTIME_ENV_WHITELIST_CRONCron jobs onlyComma-separated keys
RUNTIME_ENV_WHITELIST_CUSTOM_SERVICECustom services onlyComma-separated keys

Example:

RUNTIME_ENV_WHITELIST_GLOBAL=API_BASE_URL,APP_REGION RUNTIME_ENV_WHITELIST_EXTENSION=WEBHOOK_SIGNING_SALT RUNTIME_ENV_WHITELIST_CRON=DIGEST_WINDOW_MINUTES RUNTIME_ENV_WHITELIST_CUSTOM_SERVICE=SLACK_TOKEN

Prefix-Based Exposure

You can expose values by prefixing real runtime env vars:

PrefixScope
RUNTIME_PUBLIC_Shared across all runtimes
EXTENSION_PUBLIC_Runtime extensions only
CRON_PUBLIC_Cron jobs only
CUSTOM_SERVICE_PUBLIC_Custom services only

Example:

RUNTIME_PUBLIC_SITE_URL=https://daas.example.com CRON_PUBLIC_BATCH_SIZE=500

In runtime code these become:

  • SITE_URL
  • BATCH_SIZE (cron only)

How To Use In Code

Runtime extension hook

Extension code receives services as a top-level variable (same object available as context.services):

export async function handler(payload, meta, context, services) { const apiBase = services.env.API_BASE_URL; // Equivalently: // const apiBase = context.services.env.API_BASE_URL; // context.env does NOT exist in extensions // ... return payload; }

Cron job

Cron code receives context (job metadata: jobId, jobName, runId, etc.) and services. Use services.env:

async function run(context, services) { const batch = Number(services.env.BATCH_SIZE || '100'); // context.env does NOT exist in cron jobs // ... }

Custom service

Custom service code receives a single context argument. Use context.env:

export async function notify(channel, message) { const token = context.env.SLACK_TOKEN; // context.services.env also works // const token = context.services.env.SLACK_TOKEN; // There is no bare `services` variable in custom service code // ... }

Key Format Rules

  • Key names must match [A-Z][A-Z0-9_]* (uppercase, digits, underscores).
  • Invalid names are silently ignored.
  • Duplicate entries are deduplicated.

Docker Example

environment: - RUNTIME_ENV_WHITELIST_GLOBAL=API_BASE_URL,APP_REGION - RUNTIME_ENV_WHITELIST_CUSTOM_SERVICE=SLACK_TOKEN - RUNTIME_PUBLIC_SITE_URL=https://daas.example.com - CUSTOM_SERVICE_PUBLIC_EMAIL_PROVIDER=ses

See Environment Variables for the full configuration reference.

Last updated on