$ Linux One Liners
Back to lessons

Cybersecurity Triage

Extract Environment Names Only

You need to see which environment names appear in config files, but must avoid exposing secrets.

Command

grep -RhoE 'ENVIRONMENT|NODE_ENV|APP_ENV|RAILS_ENV' config deploy | sort -u

What changed

Nothing changes. Only matching environment variable names are printed.

Danger

safe

When to use it

Use when checking env naming consistency across deployment files.

When not to use it

Do not use it when you need values; this command intentionally prints names only.

Undo or recovery

No undo needed because this command is read-only.

Expected output

Unique environment variable names such as APP_ENV, NODE_ENV, or RAILS_ENV.

demo script

Disposable terminal steps

  1. sed -n '1,20p' config/app.env.example
  2. grep -RhoE 'ENVIRONMENT|NODE_ENV|APP_ENV|RAILS_ENV' config deploy | sort -u
Terminal transcript Demo JSON

simulated output

What it looks like

disposable vessel 
::fixture-ready::
$ sed -n '1,20p' config/app.env.example
APP_ENV=staging
NODE_ENV=production
RAILS_ENV=production
::exit-code::0
$ grep -RhoE 'ENVIRONMENT|NODE_ENV|APP_ENV|RAILS_ENV' config deploy | sort -u
APP_ENV
NODE_ENV
RAILS_ENV
::exit-code::0

YouTube Short

Env names, not secrets.

For a quick audit, print only environment variable names. Do not dump values into chat or screenshots.

LinkedIn hook

Audit environment labels without printing secret values.

Question: Do your deployment checks avoid printing secret values by default?

experiments

A/B tests to run

Metric: share_rate

A: Env names, not secrets.

B: Audit config without leaking values.