Chapter 17: Files, Workspaces, Environment, Config, And Secrets

Part III: Host Capabilities and Local App Surfaces

Why this chapter matters

Useful scripts often need configuration, files, environment variables, and secrets. Ricochet treats those as explicit host interactions that should be scoped and checked.

What you will build

You will build a settings loader that reads local data, checks workspace containment, reads process-local environment values, and resolves a dry-run secret reference.

Concepts in plain English

Files, workspaces, environment variables, configuration, and secrets are all host boundaries. They should return results and respect explicit roots or allow-lists.

The chapter uses these concepts:

Vocabulary and commands

Primary coverage: env_get, env_set, env, secret_env, secret_literal, secret_resolve, config_get, fs_read_text, fs_write_text, fs_exists?, fs_list, fs_create_dir, fs_delete, workspace_resolve, workspace_contains?, workspace_metadata, workspace_list, workspace_read_text, workspace_write_text, workspace_mkdir, workspace_delete, workspace_copy, and workspace_move.

Guided example

Open examples/learn/17-files-workspaces-env-and-secrets/settings-loader.rco and run:

coderco run examples/learn/17-files-workspaces-env-and-secrets/settings-loader.rco

The example starts with read-only filesystem access:

code"README.md" fs_exists? println
"README.md" fs_read_text value length println

Workspace words return richer metadata and containment information:

coderesolveOptions map
"docs/learn/index.html" $resolveOptions workspace_resolve value resolved var
$resolved "inside_root" at println
$resolved "exists" at println

Bound reads keep examples predictable:

codereadOptions map
$readOptions "max_bytes" 512 put drop
"examples/learn/01-hello-world/main.rco" $readOptions workspace_read_text value length println

Environment writes are process-local. This does not mutate the parent shell:

code"RICOCHET_LEARN_MODE" "docs" env_set value drop
"RICOCHET_LEARN_MODE" env_get value println

Use secret references instead of storing secret values directly in config maps:

codesettings map
provider map
$provider "token" "dry-run-token" secret_literal put drop
$settings "provider" $provider put drop

path array
$path "provider" push drop
$path "token" push drop

$settings $path config_get value secret_resolve value length println

secret_literal is for tests, fixtures, and dry-run examples. Real local apps should usually use secret_env.

How to read the example

Read the command first, then the code. The command grants the host powers the program may use. Inside the program, host calls usually return Result values or retained resource handles, so keep the same habit from Chapter 09: check the result, unwrap deliberately, and release or close resources when you are done.

Try it

Run the example with a sandboxed profile and an explicit filesystem root:

coderco run --capability-profile sandboxed --fs-root . examples/learn/17-files-workspaces-env-and-secrets/settings-loader.rco

Then try a read-only sandbox:

coderco run --capability-profile sandboxed --fs-root . --fs-readonly examples/learn/17-files-workspaces-env-and-secrets/settings-loader.rco

The example still works because it does not write files. If you later adapt it to write generated output, use workspace_resolve and workspace_contains? before writing.

Check your understanding

Common mistakes

Safety notes

This chapter documents fs_delete and workspace_delete, but the runnable example does not call them. Delete operations should be gated by explicit user or operator intent, and workspace deletion should resolve the target path before the operation. workspace_delete refuses to delete the configured filesystem root, but that is a last guard, not a substitute for careful UI and review.

Production guidance

Production examples should keep secrets out of logs, prefer secret_env, and preserve path containment. Use workspace_write_text, workspace_mkdir, workspace_copy, and workspace_move only after validating the resolved target and choosing overwrite behavior deliberately.

What you know now

You know how to access local data with clear boundaries: read and inspect first, keep workspace paths contained, resolve secrets only when needed, and treat write/delete/move operations as explicit operator actions.

Next step

Continue to Chapter 18: HTTP And Streams.