docs: improve environment setup and add .env.example files #196
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Enhanced .env.example files with comprehensive comments - Added detailed explanations for each environment variable - Included guidance for local development vs testnet/production - Added links to credential providers (Alchemy, Infura, Pinata, etc.) - Included security warnings and best practices - Updated README.md with improved setup instructions - Added Prerequisites section - Created comprehensive Environment Setup section - Improved Docker and Manual setup instructions - Added security notes and warnings - Created ENVIRONMENT_SETUP.md guide - Comprehensive 300+ line environment setup guide - Step-by-step instructions for local development - Detailed credential acquisition guide - Troubleshooting section - MetaMask configuration instructions - Added automated setup scripts - setup-env.sh for Linux/Mac users - setup-env.ps1 for Windows users - Interactive scripts with local/production options - Fixed code issues - Added missing polygonAmoy chain to wagmi config - Fixed RSuite CSS import path Resolves AOSSIE-Org#183
WalkthroughThis pull request introduces comprehensive environment setup documentation, automated configuration scripts for local development, expanded environment variable guides, and adds Polygon Amoy network support. Changes include a new setup guide, enhanced .env examples with detailed comments, shell and PowerShell scripts for automated environment initialization, and minor code adjustments to support additional blockchain networks. Changes
Estimated code review effort🎯 2 (Simple) | ⏱️ ~12 minutes
Poem
Pre-merge checks and finishing touches✅ Passed checks (3 passed)
✨ Finishing touches
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 5
🧹 Nitpick comments (2)
client/app/helpers/client.ts (1)
7-17: Fail fast when required RPC env vars are missing (avoidhttp(undefined)), and consider movingprojectIdto env.
This will prevent hard-to-debug runtime issues and makes config easier to rotate across environments.export const config = getDefaultConfig({ appName: "Agora-Blockchain", - projectId: "8501447cf73c4e68061f7ed912d6a8ee", + projectId: process.env.NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID ?? "", chains: [sepolia, polygonAmoy, avalancheFuji], ssr: true, transports: { - [sepolia.id]: http(process.env.NEXT_PUBLIC_SEPOLIA_RPC_URL), - [polygonAmoy.id]: http(process.env.NEXT_PUBLIC_AMOY_RPC_URL), - [avalancheFuji.id]: http(process.env.NEXT_PUBLIC_FUJI_RPC_URL), + [sepolia.id]: http(requiredEnv("NEXT_PUBLIC_SEPOLIA_RPC_URL")), + [polygonAmoy.id]: http(requiredEnv("NEXT_PUBLIC_AMOY_RPC_URL")), + [avalancheFuji.id]: http(requiredEnv("NEXT_PUBLIC_FUJI_RPC_URL")), }, }); + +function requiredEnv(name: string): string { + const v = process.env[name]; + if (!v) throw new Error(`Missing required env var: ${name}`); + return v; +}client/.env.example (1)
21-45: Fix dotenv-linter warning (add trailing newline) and consider a clearer Pinata placeholder name.-NEXT_PUBLIC_PINATA_JWT=ENTER_PINATA_API_KEY +NEXT_PUBLIC_PINATA_JWT=ENTER_PINATA_JWT +
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (8)
ENVIRONMENT_SETUP.md(1 hunks)README.md(3 hunks)blockchain/.env.example(1 hunks)client/.env.example(1 hunks)client/app/helpers/client.ts(1 hunks)client/app/layout.tsx(1 hunks)setup-env.ps1(1 hunks)setup-env.sh(1 hunks)
🧰 Additional context used
🪛 dotenv-linter (4.0.0)
client/.env.example
[warning] 45-45: [EndingBlankLine] No blank line at the end of the file
(EndingBlankLine)
🪛 Gitleaks (8.30.0)
setup-env.sh
[high] 33-33: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
setup-env.ps1
[high] 25-25: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
ENVIRONMENT_SETUP.md
[high] 66-66: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
blockchain/.env.example
[high] 12-12: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
🪛 markdownlint-cli2 (0.18.1)
ENVIRONMENT_SETUP.md
110-110: Bare URL used
(MD034, no-bare-urls)
111-111: Bare URL used
(MD034, no-bare-urls)
🔇 Additional comments (1)
client/app/layout.tsx (1)
12-13: Confirmrsuite.min.css(with reset) won’t unintentionally restyle the app vsrsuite-no-reset.
If the goal is only to fix a broken import, consider documenting why the reset is acceptable (or keep a no-reset variant if available in your RSuite version).
Comment on lines
+9
to
+19
| # PRIVATE KEY (Required for deployment) | ||
| # ============================================ | ||
| # For LOCAL DEVELOPMENT: Use Hardhat's default test account private key | ||
| # PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80 | ||
| # | ||
| # For TESTNET/MAINNET: Use your wallet's private key | ||
| # ⚠️ NEVER commit your real private key to Git! | ||
| # ⚠️ NEVER use a wallet with real funds for testing! | ||
| # Get a testnet private key from MetaMask (create a new test wallet) | ||
| PRIVATE_KEY=ENTER_YOUR_KEY_VALUE | ||
|
|
There was a problem hiding this comment.
Remove the literal Hardhat private key to avoid Gitleaks/secret-scan CI failures.
Even commented “test keys” commonly trip scanners; keep it as a placeholder + instruction.
-# For LOCAL DEVELOPMENT: Use Hardhat's default test account private key
-# PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80
+# For LOCAL DEVELOPMENT: Use a Hardhat test account private key from `npx hardhat node` output
+# PRIVATE_KEY=<HARDHAT_TEST_ACCOUNT_PRIVATE_KEY>(Alternative: add an explicit allowlist entry in the repo’s gitleaks config for this exact value.)
📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| # PRIVATE KEY (Required for deployment) | |
| # ============================================ | |
| # For LOCAL DEVELOPMENT: Use Hardhat's default test account private key | |
| # PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80 | |
| # | |
| # For TESTNET/MAINNET: Use your wallet's private key | |
| # ⚠️ NEVER commit your real private key to Git! | |
| # ⚠️ NEVER use a wallet with real funds for testing! | |
| # Get a testnet private key from MetaMask (create a new test wallet) | |
| PRIVATE_KEY=ENTER_YOUR_KEY_VALUE | |
| # PRIVATE KEY (Required for deployment) | |
| # ============================================ | |
| # For LOCAL DEVELOPMENT: Use a Hardhat test account private key from `npx hardhat node` output | |
| # PRIVATE_KEY=<HARDHAT_TEST_ACCOUNT_PRIVATE_KEY> | |
| # | |
| # For TESTNET/MAINNET: Use your wallet's private key | |
| # ⚠️ NEVER commit your real private key to Git! | |
| # ⚠️ NEVER use a wallet with real funds for testing! | |
| # Get a testnet private key from MetaMask (create a new test wallet) | |
| PRIVATE_KEY=ENTER_YOUR_KEY_VALUE |
🧰 Tools
🪛 Gitleaks (8.30.0)
[high] 12-12: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
🤖 Prompt for AI Agents
In blockchain/.env.example around lines 9 to 19, the file includes a literal
Hardhat test private key (even commented) which can trigger Gitleaks/secret-scan
CI failures; remove the hardcoded key and replace it with a neutral placeholder
and brief instruction only (e.g., PRIVATE_KEY=ENTER_YOUR_KEY_VALUE with a note
to use a test wallet or env management), ensuring no actual or example secret
remains in the file; alternatively, if you must keep that exact string for some
reason, add a specific allowlist entry to the repo's gitleaks config instead of
leaving the key in the example.
Comment on lines
+64
to
+85
| Edit `blockchain/.env` and use these local development values: | ||
| ```env | ||
| PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80 | ||
| RPC_URL_SEPOLIA=http://localhost:8545 | ||
| RPC_URL_FUJI=http://localhost:8545 | ||
| RPC_URL_AMOY=http://localhost:8545 | ||
| RPC_URL_BSC=http://localhost:8545 | ||
| ETHERSCAN_KEY=dummy_key_for_local_dev | ||
| ``` | ||
|
|
||
| **Client Environment:** | ||
| ```bash | ||
| cp client/.env.example client/.env | ||
| ``` | ||
|
|
||
| Edit `client/.env` with: | ||
| ```env | ||
| NEXT_PUBLIC_SEPOLIA_RPC_URL=http://localhost:8545 | ||
| NEXT_PUBLIC_AMOY_RPC_URL=http://localhost:8545 | ||
| NEXT_PUBLIC_FUJI_RPC_URL=http://localhost:8545 | ||
| NEXT_PUBLIC_PINATA_JWT=dummy_jwt_for_local_dev | ||
| ``` |
There was a problem hiding this comment.
Remove the literal private key from the guide (Gitleaks blocker) and fix MD034 bare URLs.
-PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80
+PRIVATE_KEY=<HARDHAT_TEST_ACCOUNT_PRIVATE_KEY>-- **Frontend**: http://localhost:3000
-- **Blockchain Node**: http://localhost:8545
+- **Frontend**: `http://localhost:3000`
+- **Blockchain Node**: `http://localhost:8545`Also applies to: 105-109
🧰 Tools
🪛 Gitleaks (8.30.0)
[high] 66-66: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
🤖 Prompt for AI Agents
In ENVIRONMENT_SETUP.md around lines 64 to 85 (and also apply same changes to
lines 105 to 109), remove the literal private key from the example env block and
replace it with a non-sensitive placeholder or instruction (e.g.,
PRIVATE_KEY=<your_local_private_key_here> or instructions to generate/load one)
so no secrets are committed; additionally fix MD034 bare-URL issues by turning
naked URLs into proper Markdown links or enclosing them in angle brackets (or
replacing them with descriptive link text) and ensure the env/code blocks remain
fenced.
Comment on lines
+31
to
+78
| ### Prerequisites | ||
|
|
||
| Before you begin, ensure you have the following installed: | ||
| - **Node.js** (v18 or later): [Download here](https://nodejs.org/) | ||
| - **npm** (comes with Node.js) or **yarn** | ||
| - **Git**: [Download here](https://git-scm.com/) | ||
| - **MetaMask** browser extension: [Install here](https://metamask.io/) | ||
|
|
||
| ### Environment Setup | ||
|
|
||
| The project requires environment variables for both blockchain and client components. We provide `.env.example` files with detailed comments to help you get started. | ||
|
|
||
| #### Quick Setup for Local Development | ||
|
|
||
| For quick local testing without external services: | ||
|
|
||
| 1. **Blockchain** (`blockchain/.env`): | ||
| ```bash | ||
| cp blockchain/.env.example blockchain/.env | ||
| ``` | ||
| You can use the default Hardhat test account values provided in the comments. | ||
|
|
||
| 2. **Client** (`client/.env`): | ||
| ```bash | ||
| cp client/.env.example client/.env | ||
| ``` | ||
| For local development, you can use dummy values (some features like IPFS upload won't work). | ||
|
|
||
| #### Setup for Testnet/Production | ||
|
|
||
| For deploying to testnets or production: | ||
|
|
||
| 1. Review the `.env.example` files in both `blockchain/` and `client/` directories | ||
| 2. Each variable has detailed comments explaining: | ||
| - What the variable is used for | ||
| - Where to obtain the credentials | ||
| - Differences between local/testnet/mainnet usage | ||
| 3. Copy the example files and fill in your actual credentials: | ||
| ```bash | ||
| cp blockchain/.env.example blockchain/.env | ||
| cp client/.env.example client/.env | ||
| ``` | ||
|
|
||
| ⚠️ **Security Notes**: | ||
| - NEVER commit `.env` or `.env.local` files to Git | ||
| - NEVER use wallets with real funds for testing | ||
| - Keep your private keys and API keys secure | ||
|
|
There was a problem hiding this comment.
Align Node.js version guidance across the README (v18+ here vs “v10.16+” earlier) and consider docker compose wording.
This avoids conflicting setup instructions for new contributors.
- - [Node.js](https://nodejs.org/en/) (v10.16 or later): A JavaScript runtime required for server-side development.
+ - [Node.js](https://nodejs.org/en/) (v18 or later): A JavaScript runtime required for development.- docker-compose up --build
+ docker compose up --buildAlso applies to: 94-103
🤖 Prompt for AI Agents
In README.md around lines 31-78 (also applicable to lines 94-103), update
inconsistent Node.js guidance (currently v18+ here vs v10.16+ earlier) by
choosing a single minimum version (use v18 LTS) and replace every older
reference to match; also standardize Docker Compose wording across the doc —
pick either "docker compose" (Compose V2) or "docker-compose" (V1), update
commands/examples to the chosen form, and run a pass over the README to make
these substitutions and ensure examples and notes remain accurate and
consistent.
Comment on lines
+22
to
+33
| if ($localDev -eq "y") { | ||
| $content = @" | ||
| # Local Development Configuration | ||
| PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80 | ||
| RPC_URL_SEPOLIA=http://localhost:8545 | ||
| RPC_URL_FUJI=http://localhost:8545 | ||
| RPC_URL_AMOY=http://localhost:8545 | ||
| RPC_URL_BSC=http://localhost:8545 | ||
| ETHERSCAN_KEY=dummy_key_for_local_dev | ||
| "@ | ||
| Set-Content -Path "blockchain\.env" -Value $content | ||
| Write-Host "✅ Created blockchain\.env with local development values" -ForegroundColor Green |
There was a problem hiding this comment.
Remove literal private key (Gitleaks blocker) and force UTF‑8 when writing .env to avoid BOM/UTF‑16 issues.
$content = @"
# Local Development Configuration
-PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80
+PRIVATE_KEY=ENTER_HARDHAT_TEST_PRIVATE_KEY
RPC_URL_SEPOLIA=http://localhost:8545
@@
"@
- Set-Content -Path "blockchain\.env" -Value $content
+ Set-Content -Path "blockchain\.env" -Value $content -Encoding utf8📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| if ($localDev -eq "y") { | |
| $content = @" | |
| # Local Development Configuration | |
| PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80 | |
| RPC_URL_SEPOLIA=http://localhost:8545 | |
| RPC_URL_FUJI=http://localhost:8545 | |
| RPC_URL_AMOY=http://localhost:8545 | |
| RPC_URL_BSC=http://localhost:8545 | |
| ETHERSCAN_KEY=dummy_key_for_local_dev | |
| "@ | |
| Set-Content -Path "blockchain\.env" -Value $content | |
| Write-Host "✅ Created blockchain\.env with local development values" -ForegroundColor Green | |
| if ($localDev -eq "y") { | |
| $content = @" | |
| # Local Development Configuration | |
| PRIVATE_KEY=ENTER_HARDHAT_TEST_PRIVATE_KEY | |
| RPC_URL_SEPOLIA=http://localhost:8545 | |
| RPC_URL_FUJI=http://localhost:8545 | |
| RPC_URL_AMOY=http://localhost:8545 | |
| RPC_URL_BSC=http://localhost:8545 | |
| ETHERSCAN_KEY=dummy_key_for_local_dev | |
| "@ | |
| Set-Content -Path "blockchain\.env" -Value $content -Encoding utf8 | |
| Write-Host "✅ Created blockchain\.env with local development values" -ForegroundColor Green |
🧰 Tools
🪛 Gitleaks (8.30.0)
[high] 25-25: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
🤖 Prompt for AI Agents
In setup-env.ps1 around lines 22 to 33, remove the hard-coded literal private
key and replace it with a non-secret placeholder (or generate/obtain the key at
runtime) so no real key is stored in the repo, and when writing the
blockchain.env file call Set-Content with explicit UTF8 encoding to avoid
BOM/UTF‑16 issues (e.g., use the -Encoding UTF8 parameter); keep the rest of the
.env values the same and update the Write-Host message accordingly.
Comment on lines
+1
to
+45
| #!/bin/bash | ||
|
|
||
| # Agora Blockchain - Environment Setup Script | ||
| # This script helps you quickly set up environment files for local development | ||
|
|
||
| echo "🚀 Agora Blockchain - Environment Setup" | ||
| echo "========================================" | ||
| echo "" | ||
|
|
||
| # Colors for output | ||
| GREEN='\033[0;32m' | ||
| YELLOW='\033[1;33m' | ||
| NC='\033[0m' # No Color | ||
|
|
||
| # Function to create blockchain .env file | ||
| setup_blockchain_env() { | ||
| echo -e "${YELLOW}Setting up blockchain environment...${NC}" | ||
|
|
||
| if [ -f "blockchain/.env" ]; then | ||
| echo "⚠️ blockchain/.env already exists!" | ||
| read -p "Do you want to overwrite it? (y/n): " overwrite | ||
| if [ "$overwrite" != "y" ]; then | ||
| echo "Skipping blockchain/.env" | ||
| return | ||
| fi | ||
| fi | ||
|
|
||
| read -p "Are you setting up for local development? (y/n): " local_dev | ||
|
|
||
| if [ "$local_dev" = "y" ]; then | ||
| cat > blockchain/.env << 'EOF' | ||
| # Local Development Configuration | ||
| PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80 | ||
| RPC_URL_SEPOLIA=http://localhost:8545 | ||
| RPC_URL_FUJI=http://localhost:8545 | ||
| RPC_URL_AMOY=http://localhost:8545 | ||
| RPC_URL_BSC=http://localhost:8545 | ||
| ETHERSCAN_KEY=dummy_key_for_local_dev | ||
| EOF | ||
| echo -e "${GREEN}✅ Created blockchain/.env with local development values${NC}" | ||
| else | ||
| cp blockchain/.env.example blockchain/.env | ||
| echo -e "${GREEN}✅ Created blockchain/.env from example${NC}" | ||
| echo -e "${YELLOW}⚠️ Please edit blockchain/.env with your credentials${NC}" | ||
| fi |
There was a problem hiding this comment.
Avoid writing a literal private key (Gitleaks blocker); add basic bash strictness for reliability.
#!/bin/bash
+
+set -euo pipefail
@@
- if [ "$local_dev" = "y" ]; then
+ if [ "${local_dev,,}" = "y" ]; then
cat > blockchain/.env << 'EOF'
# Local Development Configuration
-PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80
+PRIVATE_KEY=ENTER_HARDHAT_TEST_PRIVATE_KEY
RPC_URL_SEPOLIA=http://localhost:8545
RPC_URL_FUJI=http://localhost:8545
RPC_URL_AMOY=http://localhost:8545
RPC_URL_BSC=http://localhost:8545
ETHERSCAN_KEY=dummy_key_for_local_dev
EOF
echo -e "${GREEN}✅ Created blockchain/.env with local development values${NC}"
+ echo -e "${YELLOW}⚠️ Paste a Hardhat test private key from 'npx hardhat node' output before deploying${NC}"📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| #!/bin/bash | |
| # Agora Blockchain - Environment Setup Script | |
| # This script helps you quickly set up environment files for local development | |
| echo "🚀 Agora Blockchain - Environment Setup" | |
| echo "========================================" | |
| echo "" | |
| # Colors for output | |
| GREEN='\033[0;32m' | |
| YELLOW='\033[1;33m' | |
| NC='\033[0m' # No Color | |
| # Function to create blockchain .env file | |
| setup_blockchain_env() { | |
| echo -e "${YELLOW}Setting up blockchain environment...${NC}" | |
| if [ -f "blockchain/.env" ]; then | |
| echo "⚠️ blockchain/.env already exists!" | |
| read -p "Do you want to overwrite it? (y/n): " overwrite | |
| if [ "$overwrite" != "y" ]; then | |
| echo "Skipping blockchain/.env" | |
| return | |
| fi | |
| fi | |
| read -p "Are you setting up for local development? (y/n): " local_dev | |
| if [ "$local_dev" = "y" ]; then | |
| cat > blockchain/.env << 'EOF' | |
| # Local Development Configuration | |
| PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80 | |
| RPC_URL_SEPOLIA=http://localhost:8545 | |
| RPC_URL_FUJI=http://localhost:8545 | |
| RPC_URL_AMOY=http://localhost:8545 | |
| RPC_URL_BSC=http://localhost:8545 | |
| ETHERSCAN_KEY=dummy_key_for_local_dev | |
| EOF | |
| echo -e "${GREEN}✅ Created blockchain/.env with local development values${NC}" | |
| else | |
| cp blockchain/.env.example blockchain/.env | |
| echo -e "${GREEN}✅ Created blockchain/.env from example${NC}" | |
| echo -e "${YELLOW}⚠️ Please edit blockchain/.env with your credentials${NC}" | |
| fi | |
| #!/bin/bash | |
| set -euo pipefail | |
| # Agora Blockchain - Environment Setup Script | |
| # This script helps you quickly set up environment files for local development | |
| echo "🚀 Agora Blockchain - Environment Setup" | |
| echo "========================================" | |
| echo "" | |
| # Colors for output | |
| GREEN='\033[0;32m' | |
| YELLOW='\033[1;33m' | |
| NC='\033[0m' # No Color | |
| # Function to create blockchain .env file | |
| setup_blockchain_env() { | |
| echo -e "${YELLOW}Setting up blockchain environment...${NC}" | |
| if [ -f "blockchain/.env" ]; then | |
| echo "⚠️ blockchain/.env already exists!" | |
| read -p "Do you want to overwrite it? (y/n): " overwrite | |
| if [ "$overwrite" != "y" ]; then | |
| echo "Skipping blockchain/.env" | |
| return | |
| fi | |
| fi | |
| read -p "Are you setting up for local development? (y/n): " local_dev | |
| if [ "${local_dev,,}" = "y" ]; then | |
| cat > blockchain/.env << 'EOF' | |
| # Local Development Configuration | |
| PRIVATE_KEY=ENTER_HARDHAT_TEST_PRIVATE_KEY | |
| RPC_URL_SEPOLIA=http://localhost:8545 | |
| RPC_URL_FUJI=http://localhost:8545 | |
| RPC_URL_AMOY=http://localhost:8545 | |
| RPC_URL_BSC=http://localhost:8545 | |
| ETHERSCAN_KEY=dummy_key_for_local_dev | |
| EOF | |
| echo -e "${GREEN}✅ Created blockchain/.env with local development values${NC}" | |
| echo -e "${YELLOW}⚠️ Paste a Hardhat test private key from 'npx hardhat node' output before deploying${NC}" | |
| else | |
| cp blockchain/.env.example blockchain/.env | |
| echo -e "${GREEN}✅ Created blockchain/.env from example${NC}" | |
| echo -e "${YELLOW}⚠️ Please edit blockchain/.env with your credentials${NC}" | |
| fi |
🧰 Tools
🪛 Gitleaks (8.30.0)
[high] 33-33: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
🤖 Prompt for AI Agents
In setup-env.sh lines 1 to 45, do not include a literal private key in the local
development .env file to avoid security issues like Gitleaks detection. Instead,
use a placeholder value or prompt the user to input their private key at
runtime. Additionally, add basic bash strictness by including 'set -euo
pipefail' near the top of the script to make it more robust and reliable.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Enhanced .env.example files with comprehensive comments
Updated README.md with improved setup instructions
Created ENVIRONMENT_SETUP.md guide
Added automated setup scripts
Fixed code issues
Summary by CodeRabbit
New Features
Documentation
Style
✏️ Tip: You can customize this high-level summary in your review settings.