detections/.cursor/skills/deploy/templates/environment_strategy.md

Environment Strategy Template

Save as _docs/04_deploy/environment_strategy.md.

---

# [System Name] — Environment Strategy

## Environments

| Environment | Purpose | Infrastructure | Data Source |
|-------------|---------|---------------|-------------|
| Development | Local developer workflow | docker-compose | Seed data, mocked externals |
| Staging | Pre-production validation | [mirrors production] | Anonymized production-like data |
| Production | Live system | [full infrastructure] | Real data |

## Environment Variables

### Required Variables

| Variable | Purpose | Dev Default | Staging/Prod Source |
|----------|---------|-------------|-------------------|
| `DATABASE_URL` | Postgres connection | `postgres://dev:dev@db:5432/app` | Secret manager |
| [add all required variables] | | | |

### `.env.example`

```env
# Copy to .env and fill in values
DATABASE_URL=postgres://user:pass@host:5432/dbname
# [all required variables with placeholder values]

Variable Validation

All services validate required environment variables at startup and fail fast with a clear error message if any are missing.

Secrets Management

Environment	Method	Tool
Development	.env file (git-ignored)	dotenv
Staging	Secret manager	[AWS Secrets Manager / Azure Key Vault / Vault]
Production	Secret manager	[AWS Secrets Manager / Azure Key Vault / Vault]

Rotation policy: [frequency and procedure]

Database Management

Environment	Type	Migrations	Data
Development	Docker Postgres, named volume	Applied on container start	Seed data via init script
Staging	Managed Postgres	Applied via CI/CD pipeline	Anonymized production snapshot
Production	Managed Postgres	Applied via CI/CD with approval	Live data

Migration rules:

• All migrations must be backward-compatible (support old and new code simultaneously)
• Reversible migrations required (DOWN/rollback script)
• Production migrations require review before apply