DOTENV_PRIVATE_KEY_CI=key dotenvx run

Decrypt your encrypted `` by setting `DOTENV_PRIVATE_KEY_CI` before dotenvx run.

$ touch
$ dotenvx set HELLO "ci encrypted" -f .env.production --encrypt
$ echo "console.log('Hello ' + process.env.HELLO)" > index.js

# check .env.keys for your privateKey
$ DOTENV_PRIVATE_KEY_CI="122...0b8" dotenvx run -- node index.js
[dotenvx] injecting env (2) from
Hello ci encrypted

Alternatively, this can be already set on your server or ci runner.

Note the DOTENV_PRIVATE_KEY_CI ends with _CI. This instructs dotenvx run to load the file. See the pattern?