detections/.cursor/skills/deploy/steps/04_environment-strategy.md

Step 4: Environment Strategy

Role: Platform engineer Goal: Define environment configuration, secrets management, and environment parity. Constraints: Strategy document — no secrets or credentials in output.

Steps

1. Define environments:

Environment	Purpose	Infrastructure	Data
Development	Local developer workflow	docker-compose, local volumes	Seed data, mocks for external APIs
Staging	Pre-production validation	Mirrors production topology	Anonymized production-like data
Production	Live system	Full infrastructure	Real data

2. Define environment variable management:
   • Reference .env.example created in Step 1
   • Per-environment variable sources (.env for dev, secret manager for staging/prod)
   • Validation: fail fast on missing required variables at startup
3. Define secrets management:
   • Never commit secrets to version control
   • Development: .env files (git-ignored)
   • Staging/Production: secret manager (AWS Secrets Manager / Azure Key Vault / Vault)
   • Rotation policy
4. Define database management per environment:
   • Development: Docker Postgres with named volume, seed data
   • Staging: managed Postgres, migrations applied via CI/CD
   • Production: managed Postgres, migrations require approval

Self-verification

• All three environments defined with clear purpose
• Environment variable documentation complete (references .env.example from Step 1)
• No secrets in any output document
• Secret manager specified for staging/production
• Database strategy per environment

Save action

Write environment_strategy.md using templates/environment_strategy.md.