Environment Variables
All environment variables are prefixed with VITE_ and baked into the bundle at build time. There is no runtime config — values are embedded as literal strings in the compiled JavaScript.
Variables
| Variable | Description | Example |
|---|---|---|
VITE_API_BASE_URL | Internal API base URL (protected by Cloudflare Access) | https://staging-arc.semalink.africa |
VITE_CF_ACCESS_CLIENT_ID | Cloudflare Access service token Client ID | abc123... |
VITE_CF_ACCESS_CLIENT_SECRET | Cloudflare Access service token Client Secret | xyz789... |
VITE_ENV | Environment label | staging | test | production |
Per Environment
| Variable | Staging | Test | Production |
|---|---|---|---|
VITE_API_BASE_URL | https://staging-arc.semalink.africa | https://test-arc.semalink.africa | https://arc.semalink.africa |
VITE_ENV | staging | test | production |
VITE_CF_ACCESS_CLIENT_ID | Staging token | Test token | Production token |
VITE_CF_ACCESS_CLIENT_SECRET | Staging token | Test token | Production token |
Local Development
cp .env.example .env.local.env.local is gitignored — never commit it. The VITE_CF_ACCESS_* values are only needed when calling the real arc API. For mock data, placeholders are fine.
In CI
GitHub Actions injects all variables during the build step from environment-scoped secrets. No .env file is needed in CI.
Security
Because values are baked into the JavaScript bundle, they are visible to anyone who inspects the source. Never embed private keys, database passwords, or sensitive user data as VITE_* variables. Service tokens (used here) are acceptable because Cloudflare validates them server-side.