Dev VM Environment

Per-VM environment variables and automatic GitHub authentication on development VMs.

Dev VM Environment

Development VMs carry their own set of environment variables, separate from the function and compute-service env. Manage them with ccp env, passing the target VM with --vm <vm_id>.

ccp env list --vm <vm_id>             # list your variables
ccp env get KEY --vm <vm_id>          # reveal one value
ccp env set KEY=value --vm <vm_id>    # add or update (upsert)
ccp env unset KEY --vm <vm_id>        # remove one
ccp env refresh-system --vm <vm_id>   # re-apply server-managed credentials

All variables are made available to every command run inside the VM (interactive shells and exec).

Visibility

Each variable has a visibility level that controls whether its value is readable back through the API:

VisibilityIn ccp env listccp env get
plaintextvalue shownvalue shown
sensitive (default)value maskedvalue shown
secretvalue maskedwrite-only — never returned

Set the level when writing:

ccp env set API_URL=https://api.example.com --plaintext --vm <vm_id>
ccp env set API_KEY=sk-... --secret --vm <vm_id>

Omitting the flag keeps an existing variable's level (and defaults a new one to sensitive), so re-setting a secret's value never silently downgrades it.

Automatic GitHub authentication

On a development VM you don't need to configure Git or gh — the platform injects your GitHub credentials automatically when the VM is created:

  • gh is installed and already authenticated.
  • git push/pull over HTTPS authenticates with no prompt (a host-scoped credential helper for github.com is wired in).
  • Commits are authored as you (your GitHub name and email), not a placeholder bot identity.

These credentials are managed by the server as hidden system variables (GH_TOKEN, GH_HOST, GIT_HTTP_*, GIT_AUTHOR_*, GIT_COMMITTER_*). They are applied to the VM but never returned by ccp env list or ccp env get, and you cannot set or remove them — the GH_, GIT_, CCP_, and CLUSTA_ prefixes are reserved.

Credentials come from the GitHub account linked to your Cluster account. If you haven't linked GitHub, the VM still provisions — just without Git auth.

Re-applying after linking or rotating

Credentials are captured at VM-creation time. If you link GitHub (or rotate your token) afterwards, re-apply them to an existing VM with:

ccp env refresh-system --vm <vm_id>

This recomputes your current GitHub credentials and pushes them into the VM. If you later unlink GitHub, running it again clears the stale credentials.

Environment Variables

Configure environment variables for local development and production.

On this page

Dev VM EnvironmentVisibilityAutomatic GitHub authenticationRe-applying after linking or rotating