The wasmCloud host can obtain configuration via environment variables. (For a list of the environment variables supported by the host, check out the host configuration section.)
However, there are security pitfalls related to environment variables. For example, consider setting environment variables on the command line along with invoking the script, e.g.
$ ENV_VAR_1=foo ENV_VAR_2=bar ./startapp
The downside to this is that anyone on the same server with access to the process list can see all commands used to start all processes. Since environment variables can contain sensitive information such as signing keys and authentication to registries, we recommend avoiding this pattern. Instead, set environment variables prior to the execution of a process like the wasmCloud host.