Blog post 3 min read

Guide to Environment Variables in Bun

Published on
Authors
Blog image

What is Bun again?

Bun is an extremely fast, all-in-one toolkit for running, building, testing, and debugging JavaScript and TypeScript – from a single file to a full-stack application.

The best thing about Bun is its speed. It's way faster than both Node.js and Deno, which makes it pretty compelling for edge computing.

Since environment variables are very commonly used to store configurations and secrets in Bun, we decided to explore how to use environment variables in Bun.

Reading environment variables

Environment variables in Bun can be called in two equivalent ways:

  1. The traditional Node.js way
process.env.SECRET
  1. The new Bun way
Bun.env.SECRET

In addition, you can run bun run env to show all the secrets in the current process.

Injecting environment variables

Depending on your use case, you might want to choose one of the following options:

1. Injecting secrets from a .env file

Unlike older Node.js version, .env files are supported natively – you do not need to download the dotenv package.

Environment variables will be pulled from the following files listed in the orger of increasing precedence: .env -> .env.production, .env.development, .env.test (depending on value of NODE_ENV) -> .env.local

In other words, after adding a .env file with the following secrets:

FOO=BAR
SECRET=TEST

You will be able to read their values with the following code:

console.log(process.env.FOO)
console.log(Bun.env.SECRET)

2. Injecting using a secret manager like Infisical

.env files could work well for individual developers with a small number of secrets and fairly simple infrastructure. However, when your team starts growing, code complexity increases, and you need to make sure the highest levels of security and compliance, you should consider a secret manager like Infisical.

To inject secrets locally in Bun apps, you can use Infisical's CLI:

  1. Add secrets to using Infisical Dashboard.
  2. Install the CLI.
  3. Initialize the project in CLI.
infisical init
  1. Run infisical run -- bun run dev –> the latest version of your secrets will always be pulled automatically.

What are the benefits of using Infisical?

  • None of the secrets are stored locally – secrets are end-to-end encrypted.
  • Manage multiple environments in one location: local, staging, production, and more.
  • You always have the latest version of your environment variables – no need to sync .env files with your teammates.
  • You can integrate Infisical easily across your infrastructure and various 3rd-party tools (GitHub Actions, CircleCI, Docker, Kubernetes, etc.).
  • Secrets are version-controlled with the ability of point-in-time recovery.
  • Automatically prevent hardcoded secrets and scan for secret leaks.

You can learn more about this process as well as other great features on Infisical's website.

Infisical Dashboard
Starting with Infisical is simple, fast, and free.
Full Infisical Logo

PRODUCT

Secret Management

Secret Scanning

Share Secret

Pricing

Security

RESOURCES

Blog

Infisical vs Vault

Careers

Hiring

Forum

Open Source Friends

Customers

Company Handbook

Trust Center

LEGAL

Terms of Service

Privacy Policy

Subprocessors

Service Level Agreement

CONTACT

Team Email

Sales

Support