Environment Tiers for Teams: Dev, Staging, Production Safety
Not all environments are equal. ConfigSync tiers add confirmation prompts, visual indicators, and scoped secrets so your team never accidentally pushes dev config to production.
What Environment Tiers Are
An environment tier is a safety classification applied to a ConfigSync environment. There are four tiers: development, staging, production, and custom. Each tier carries different confirmation requirements and visual indicators to prevent accidental operations in sensitive environments.
Without tiers, every push and pull operation works the same regardless of context. A developer who runs configsync push while connected to production databases gets no warning. Tiers add the guardrails that teams need when working across multiple environments.
Safety Levels by Tier
Each tier has a different confirmation behavior:
| Tier | Confirmation | Behavior |
|---|---|---|
| Development | None | Push and pull execute immediately |
| Staging | Prompt | Asks "Are you sure? [y/N]" before push/pull |
| Production | Type environment name | Requires typing the env name to confirm |
| Custom | Configurable | Set your own confirmation level |
The production tier uses the same pattern as destructive operations on cloud platforms: you must type the environment name to confirm. This makes accidental production operations nearly impossible.
Creating Tiered Environments
Create environments with their tier and optional visual settings:
The --protect flag on the production environment enables the type-to-confirm behavior. The --color flag sets the visual indicator color.
Visual Indicators
When you are working in a non-development environment, ConfigSync provides visual cues so you always know your context:
The color setting applies a tint to the ConfigSync status output. Red for production, amber for staging — the visual language matches what developers already expect from deployment tools and cloud dashboards.
Per-Environment Secrets
Each environment can carry its own set of secrets and .env files. When you push from a production environment, the .env files are stored separately from development secrets:
This scoping prevents accidental cross-contamination. A developer working in the development tier never accidentally pulls production database credentials. Production secrets are only accessible when the production environment is explicitly active.
Team Access Patterns
Tiers enable sensible access patterns for teams of different experience levels:
Junior developers work exclusively in the development tier. They can push and pull freely without guardrails because there is nothing sensitive to break. Their development .env files contain local database URLs and test API keys.
Senior developers can switch between development, staging, and production tiers. When they switch to staging, the confirmation prompt adds a moment of pause. When they switch to production, typing the environment name ensures deliberate intent.
Environment-Scoped Env Files
The practical benefit of tiers becomes clear with .env file management. When a developer runs configsync pull, they get only the .env files that belong to their active environment tier:
| Active Tier | .env Contents | Database URL |
|---|---|---|
| Development | Local/test values | postgres://localhost:5432/dev |
| Staging | Staging service values | postgres://staging-db:5432/app |
| Production | Production values | postgres://prod-db:5432/app |
Same .env file paths, different values per tier. The developer's local files always match their active environment. No manual editing of database URLs, no accidentally running tests against production data.
Ready to try ConfigSync?
Sync your entire dev environment across machines in minutes. Free forever for up to 3 devices.