Environment Variables

Environment variables provide a flexible way to configure Cyberstrike, especially useful for CI/CD and containerized environments.

📸 SCREENSHOT: env-vars-terminal.png

Setting environment variables in terminal

Provider API Keys

Anthropic

export ANTHROPIC_API_KEY="sk-ant-api03-..."

OpenAI

export OPENAI_API_KEY="sk-proj-..."

Google

export GOOGLE_API_KEY="AI..."

OpenRouter

export OPENROUTER_API_KEY="sk-or-..."

Groq

export GROQ_API_KEY="gsk_..."

Azure OpenAI

export AZURE_API_KEY="..."
export AZURE_RESOURCE_NAME="your-resource"
export AZURE_DEPLOYMENT_NAME="your-deployment"

AWS Bedrock

export AWS_ACCESS_KEY_ID="AKIA..."
export AWS_SECRET_ACCESS_KEY="..."
export AWS_REGION="us-east-1"

Cyberstrike Variables

Model Selection

export CYBERSTRIKE_MODEL="anthropic/claude-opus-4-5-20251101"

Agent Selection

export CYBERSTRIKE_AGENT="web-application"

Theme

export CYBERSTRIKE_THEME="cyberpunk"

Permission Mode

export CYBERSTRIKE_PERMISSION_MODE="default"

Options: default, plan, auto

Debug Mode

export CYBERSTRIKE_DEBUG="true"

Log Level

export CYBERSTRIKE_LOG_LEVEL="debug"

Options: error, warn, info, debug

Configuration References

Use environment variables in config files:

{
  "provider": {
    "anthropic": {
      "options": {
        "apiKey": "{env:ANTHROPIC_API_KEY}"
      }
    }
  }
}

Syntax Options

{
  "apiKey": "{env:VAR_NAME}",
  "apiKey": "${VAR_NAME}",
  "apiKey": "$VAR_NAME"
}

Default Values

{
  "model": "{env:CYBERSTRIKE_MODEL:-anthropic/claude-sonnet-4-20250514}"
}

Uses default if variable is not set.

Shell Configuration

Bash

# Cyberstrike API Keys
export ANTHROPIC_API_KEY="sk-ant-..."

# Cyberstrike Settings
export CYBERSTRIKE_MODEL="anthropic/claude-sonnet-4-20250514"
export CYBERSTRIKE_THEME="cyberpunk"

Zsh

# Cyberstrike API Keys
export ANTHROPIC_API_KEY="sk-ant-..."

# Cyberstrike Settings
export CYBERSTRIKE_MODEL="anthropic/claude-sonnet-4-20250514"

Fish

# Cyberstrike API Keys
set -gx ANTHROPIC_API_KEY "sk-ant-..."

# Cyberstrike Settings
set -gx CYBERSTRIKE_MODEL "anthropic/claude-sonnet-4-20250514"

.env Files

Project .env

ANTHROPIC_API_KEY=sk-ant-...
CYBERSTRIKE_MODEL=anthropic/claude-opus-4-5-20251101
CYBERSTRIKE_AGENT=web-application

Load .env File

# Using dotenv-cli
dotenv -- cyberstrike

# Using source
source .env && cyberstrike

# Using export
export $(cat .env | xargs) && cyberstrike

Caution

Never commit .env files to version control. Add .env to .gitignore.

CI/CD Integration

GitHub Actions

env:
  ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
  CYBERSTRIKE_PERMISSION_MODE: auto

steps:
  - name: Security Scan
    run: cyberstrike run "scan for vulnerabilities"

GitLab CI

variables:
  ANTHROPIC_API_KEY: $ANTHROPIC_API_KEY
  CYBERSTRIKE_PERMISSION_MODE: auto

security_scan:
  script:
    - cyberstrike run "analyze code for security issues"

Jenkins

environment {
    ANTHROPIC_API_KEY = credentials('anthropic-api-key')
    CYBERSTRIKE_PERMISSION_MODE = 'auto'
}

steps {
    sh 'cyberstrike run "security scan"'
}

CircleCI

jobs:
  security-scan:
    environment:
      CYBERSTRIKE_PERMISSION_MODE: auto
    steps:
      - run:
          command: cyberstrike run "scan application"
          environment:
            ANTHROPIC_API_KEY: ${ANTHROPIC_API_KEY}

Docker

Docker Run

docker run -it \
  -e ANTHROPIC_API_KEY="$ANTHROPIC_API_KEY" \
  -e CYBERSTRIKE_MODEL="anthropic/claude-sonnet-4-20250514" \
  cyberstrike/cyberstrike

Docker Compose

services:
  cyberstrike:
    image: cyberstrike/cyberstrike
    environment:
      - ANTHROPIC_API_KEY
      - CYBERSTRIKE_MODEL=anthropic/claude-sonnet-4-20250514
      - CYBERSTRIKE_PERMISSION_MODE=auto
    env_file:
      - .env

Dockerfile

FROM cyberstrike/cyberstrike

ENV CYBERSTRIKE_MODEL=anthropic/claude-sonnet-4-20250514
ENV CYBERSTRIKE_THEME=cyberpunk

# API key should be passed at runtime, not baked in
# docker run -e ANTHROPIC_API_KEY=... image

Priority Order

Environment variables have high priority:

1. Command line arguments (highest)
2. Environment variables
3. Project config (cyberstrike.json)
4. Global config (~/.cyberstrike/config.json)
5. Defaults (lowest)

Example Override

# Global config: model = claude-sonnet
# Environment: CYBERSTRIKE_MODEL = claude-opus
# Result: Uses claude-opus

CYBERSTRIKE_MODEL="anthropic/claude-opus-4-5-20251101" cyberstrike

Variable Reference

Core Variables

Variable	Description	Default
CYBERSTRIKE_MODEL	Default model	-
CYBERSTRIKE_AGENT	Default agent	-
CYBERSTRIKE_THEME	UI theme	default
CYBERSTRIKE_DEBUG	Enable debug mode	false
CYBERSTRIKE_LOG_LEVEL	Log verbosity	info
CYBERSTRIKE_PERMISSION_MODE	Permission mode	default

Provider Variables

Variable	Provider
ANTHROPIC_API_KEY	Anthropic Claude
OPENAI_API_KEY	OpenAI GPT
GOOGLE_API_KEY	Google Gemini
OPENROUTER_API_KEY	OpenRouter
GROQ_API_KEY	Groq
AZURE_API_KEY	Azure OpenAI

Path Variables

Variable	Description
CYBERSTRIKE_CONFIG_DIR	Config directory
CYBERSTRIKE_DATA_DIR	Data directory
CYBERSTRIKE_CACHE_DIR	Cache directory

Checking Variables

List Active Variables

cyberstrike config env

Check Specific Variable

echo $ANTHROPIC_API_KEY | head -c 20

Verify Configuration

cyberstrike config get model
# Shows effective model after all overrides

Security

Protect API Keys

Never echo full API keys
Use secrets management in CI/CD
Rotate keys periodically
Monitor key usage

Secure .env Files

# Restrict permissions
chmod 600 .env

# Add to gitignore
echo ".env" >> .gitignore

Tip

Use a secrets manager like HashiCorp Vault, AWS Secrets Manager, or 1Password CLI for production environments.

Project Config - Project settings
Global Config - Global settings
Authentication - Auth setup