
Configuration Hardening

Relay enforces environment-aware profiles to keep debug features out of production and staging. Use this guide to understand which toggles are permitted in each environment and how the validator protects you from unsafe launches.

Environment Profiles

ENVIRONMENT determines the active profile. Accepted aliases resolve to the following configurations:

Profile | Accepted Aliases | Description
development | development, dev, local | Full flexibility for local experimentation. Demo/external mocks are allowed.
staging | staging, stage | Mirrors production defaults while allowing pre-release testing. Demo/external mocks are blocked.
production | production, prod | Hardened configuration for customer-facing deployments. Debug tooling and mock signing disabled.
test | test, testing | Driven by automated suites. Demo mocks remain disabled for deterministic behaviour.

Inspect the active profile at runtime via settings.environment_profile.

Enforced Guard Rails

The settings validator rejects unsafe combinations during startup. Forbidden toggles raise a ValueError, preventing accidental launches. Reference matrix:

Setting | Development | Staging | Production | Test
ENABLE_DEMO_MOCKS
MOCK_EXTERNAL_SERVICES
ENABLE_TEST_MODE
ENABLE_DEBUG_TOOLBAR, ENABLE_HOT_RELOAD
WRITE_ADMIN_KEY_FILE
SIGNING_MODE="mock"
  • Production — set SIGNING_MODE=cosign, supply Cosign credentials, leave all debug/test toggles disabled.
  • Staging — mirror production defaults; temporarily set SIGNING_MODE=disabled only if Cosign credentials are unavailable (mock signing remains blocked).
  • Development/Test — enable local mocks when needed for rapid iteration; prefer disabling them when running integration suites to mirror staging.
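
The startup check described above, sketched as an added example (not Relay's own validator). It encodes only the rules the prose states; the FORBIDDEN mapping, the helper names, case-insensitive alias matching, the accepted truthy strings and failing closed on an unknown ENVIRONMENT are assumptions.

```python
# Added illustration, not Relay's validator. Rules encode only what the prose
# above states; matrix cells missing from the page (e.g. WRITE_ADMIN_KEY_FILE)
# are not modelled.
ALIASES = {
    "development": ("development", "dev", "local"),
    "staging": ("staging", "stage"),
    "production": ("production", "prod"),
    "test": ("test", "testing"),
}
MOCKS = ("ENABLE_DEMO_MOCKS", "MOCK_EXTERNAL_SERVICES")
DEBUG = ("ENABLE_TEST_MODE", "ENABLE_DEBUG_TOOLBAR", "ENABLE_HOT_RELOAD")
FORBIDDEN = {
    "development": (),
    "staging": MOCKS,                 # "Demo/external mocks are blocked"
    "production": MOCKS + DEBUG,      # assumption: mocks blocked as in staging
    "test": ("ENABLE_DEMO_MOCKS",),   # "Demo mocks remain disabled"
}
NO_MOCK_SIGNING = ("staging", "production")


def resolve_profile(environment):
    """Map an ENVIRONMENT alias to its profile; unknown values fail closed."""
    name = environment.strip().lower()  # assumption: aliases are case-insensitive
    for profile, aliases in ALIASES.items():
        if name in aliases:
            return profile
    raise ValueError(f"unknown ENVIRONMENT {environment!r}")


def is_enabled(value):
    # Assumption: toggles arrive as strings from the process environment.
    return str(value).strip().lower() in ("1", "true", "yes", "on")


def validate(env):
    """Return the active profile, or raise ValueError listing every violation."""
    profile = resolve_profile(env.get("ENVIRONMENT", ""))
    bad = [key for key in FORBIDDEN[profile] if is_enabled(env.get(key, ""))]
    if profile in NO_MOCK_SIGNING and env.get("SIGNING_MODE", "").lower() == "mock":
        bad.append('SIGNING_MODE="mock"')
    if bad:
        raise ValueError(f"{profile}: forbidden settings: {', '.join(bad)}")
    return profile
```

Collecting every violation before raising lets an operator fix a rejected launch in one pass instead of one restart per toggle.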

Validation

  • Unit coverage: tests/unit/config/test_settings_profiles.py
  • Observability/zero-trust checks: python3 scripts/monitoring/validate_monitoring_stack.py, python3 dev_process/validation/zero_trust_audit.py

These commands are part of CI and will surface regressions introduced by future changes.