25 lines
1.3 KiB
Markdown
25 lines
1.3 KiB
Markdown
# Environment boundary
|
|
|
|
Environment variables are a minimized runtime boundary. Prefer explicit profile/manifest configuration and secret references over ambient process state.
|
|
|
|
## Why minimize environment variables
|
|
|
|
Ambient environment is hard to audit: it can differ between shells, services, spawned Pods, tests, and restored processes. If important runtime behavior depends on it, reproducing a session becomes harder.
|
|
|
|
Yoi keeps environment variables for narrow bootstrap and development cases, while normal provider credentials and runtime configuration should be explicit records.
|
|
|
|
## Principles
|
|
|
|
- Distinguish data/runtime paths from resource/config paths.
|
|
- Prefer embedded builtin resources over installed runtime resource directories.
|
|
- Use explicit secret refs for provider and WebSearch credentials.
|
|
- Keep dev-only executable overrides clearly named and documented.
|
|
- Avoid shell-command parser overrides for runtime Pod launch.
|
|
- Tests should prefer typed fixtures/injection and mutate process environment only around thin env-reader behavior.
|
|
|
|
## Current surface
|
|
|
|
Use `YOI_*` for current environment variables. Old project prefixes should not be reintroduced.
|
|
|
|
`YOI_POD_RUNTIME_COMMAND` is a development-only executable-path override for typed `yoi pod` launch. It is not a general shell-command override.
|