envcheck
| Crates.io | envcheck |
| lib.rs | envcheck |
| version | 1.2.0 |
| created_at | 2025-12-29 08:43:17.178818+00 |
| updated_at | 2025-12-29 08:43:17.178818+00 |
| description | A fast, modern CLI for linting .env files and detecting K8s โ env mismatches |
| homepage | |
| repository | https://github.com/envcheck/envcheck |
| max_upload_size | |
| id | 2010242 |
| size | 6,350,186 |
steven (skew202)
documentation
README
envcheck
A fast, modern Rust CLI for linting .env files and ensuring environment synchronization across your entire DevSecOps stack.
โจ Features
Core
- Lint - Detects duplicate keys, invalid syntax, empty values, trailing whitespace, unsorted keys
- Compare - Identifies missing keys across multiple environment files
- Fix - Auto-fix issues with
--commitand--prflags for CI integration - TUI - Interactive terminal UI for comparing and merging
.envfiles
DevSecOps Integrations
| Integration | Command | What it checks |
|---|---|---|
| Kubernetes | envcheck k8s-sync |
SecretKeyRef/ConfigMapKeyRef vs .env |
| Terraform | envcheck terraform |
TF_VAR_* variable usage |
| Ansible | envcheck ansible |
lookup('env', 'VAR') calls |
| GitHub Actions | envcheck actions |
env: blocks in workflows |
| Helm | envcheck helm |
SCREAMING_SNAKE_CASE in values.yaml |
| ArgoCD | envcheck argo |
plugin.env and kustomize.commonEnv |
Output Formats
- Text - Colored terminal output (default)
- JSON - Machine-readable for pipelines
- GitHub - Native GitHub Actions annotations
- SARIF - GitHub Security tab integration
- PR Comment - Markdown for PR/MR comments
๐ Installation
Cargo (Recommended)
cargo install envcheck
npm
npm install -g @envcheck/cli
# or use without installing
npx @envcheck/cli lint .env
Homebrew
brew tap envcheck/tap
brew install envcheck
Binary Releases
Download pre-built binaries from GitHub Releases.
๐ Usage
Lint .env files
envcheck lint .env
envcheck lint .env .env.local .env.prod
envcheck lint .env --format json
envcheck lint .env --format sarif > results.sarif
Compare environments
envcheck compare .env.example .env.prod
Fix issues automatically
envcheck fix .env # Sort keys, remove whitespace
envcheck fix .env --commit # Auto-commit changes
envcheck fix .env --pr # Create a PR with fixes
Interactive TUI
envcheck tui .env.example .env .env.prod
K8s Sync
envcheck k8s-sync k8s/*.yaml --env .env.example
Terraform
envcheck terraform infra/ --env .env
Ansible
envcheck ansible playbooks/ --env .env
GitHub Actions
envcheck actions .github/workflows --env .env
Helm
envcheck helm charts/myapp --env .env
ArgoCD
envcheck argo argocd/apps --env .env
Shell Completions
envcheck completions bash > /etc/bash_completion.d/envcheck
envcheck completions zsh > ~/.zsh/completions/_envcheck
envcheck completions fish > ~/.config/fish/completions/envcheck.fish
๐ Lint Rules
| ID | Rule | Severity | Description |
|---|---|---|---|
E001 |
Duplicate Key | Error | Key defined multiple times |
E002 |
Invalid Syntax | Error | Line is not KEY=VALUE |
W001 |
Empty Value | Warning | Key has no value |
W002 |
Trailing Whitespace | Warning | Line ends with whitespace |
W003 |
Unsorted Keys | Warning | Keys are not alphabetically sorted |
W004 |
Missing Key | Warning | Key missing in comparison file |
W005 |
K8s Missing Env | Warning | Key in K8s not in .env |
W006 |
Unused Env | Info | Key in .env not in K8s |
โ๏ธ Configuration
Create .envcheckrc.yaml or .envcheckrc.toml in your project root:
# .envcheckrc.yaml
rules:
disable:
- W003 # Don't warn about unsorted keys
warnings_as_errors: false
ignore:
- "*.local"
- ".env.development"
format: text
files:
- .env
- .env.example
.envcheckignore
# Ignore patterns (like .gitignore)
*.local
.env.development
tests/fixtures/**
JSON Schema for IDE autocompletion: https://envcheck.github.io/schema/envcheckrc.json
๐ CI/CD Integration
GitHub Actions
- uses: envcheck/action-envcheck@v1
with:
command: lint
args: .env.example .env
format: github
Pre-commit
repos:
- repo: https://github.com/envcheck/envcheck
rev: v0.1.0
hooks:
- id: envcheck-lint
args: [".env.example", ".env"]
- id: envcheck-k8s
args: ["k8s/*.yaml", "--env", ".env.example"]
GitLab CI
envcheck:
image: rust:latest
script:
- cargo install envcheck
- envcheck lint .env --format json > envcheck-report.json
artifacts:
reports:
codequality: envcheck-report.json
๐๏ธ Architecture
envcheck/
โโโ envcheck/ # Core Rust CLI (this repo)
โโโ envcheck-npm/ # npm wrapper package
โโโ action-envcheck/ # GitHub Action
โโโ envcheck.github.io/ # Documentation website
๐ง Performance
- Parallel processing with Rayon
- Zero-copy parsing with
Cow<str>for reduced allocations - Benchmarks available via
cargo bench
parse_env_file: ~3.3 ยตs
lint_rules: ~2.3 ยตs
๐ค Comparison
| Feature | envcheck | dotenv-linter |
|---|---|---|
| Linting | โ | โ |
| Compare | โ | โ |
| Auto-fix | โ + commit/PR | โ |
| K8s Sync | โ | โ |
| Terraform | โ | โ |
| Ansible | โ | โ |
| GitHub Actions | โ | โ |
| Helm | โ | โ |
| ArgoCD | โ | โ |
| TUI | โ | โ |
| SARIF | โ | โ |
| Config files | โ | โ |
| Shell completions | โ | โ |
๐ฆ Related Packages
- envcheck-npm - npm wrapper
- action-envcheck - GitHub Action
- envcheck.github.io - Documentation
๐ License
MIT