Configure Mistral AI across development, staging, and production environments.
| Environment | Purpose | API Keys | Model Selection |
|---|---|---|---|
| Development | Local dev | Test keys | mistral-small-latest |
| Staging | Pre-prod testing | Staging keys | Same as prod |
| Production | Live traffic | Production keys | Optimized selection |
config/
├── mistral/
│ ├── base.ts # Shared configuration
│ ├── development.ts # Dev overrides
│ ├── staging.ts # Staging overrides
│ └── production.ts # Prod overrides
// config/mistral/base.ts
export const baseConfig = {
defaultModel: 'mistral-small-latest',
timeout: 30000,
maxRetries: 3,
cache: {
enabled: true,
ttlSeconds: 300,
},
rateLimits: {
requestsPerMinute: 60,
tokensPerMinute: 500000,
},
};
// config/mistral/development.ts
import { baseConfig } from './base';
export const developmentConfig = {
...baseConfig,
apiKey: process.env.MISTRAL_API_KEY_DEV,
debug: true,
cache: {
enabled: false, // Disable cache in dev for testing
ttlSeconds: 60,
},
rateLimits: {
requestsPerMinute: 10,
tokensPerMinute: 100000,
},
};
// config/mistral/staging.ts
import { baseConfig } from './base';
export const stagingConfig = {
...baseConfig,
apiKey: process.env.MISTRAL_API_KEY_STAGING,
debug: false,
cache: {
enabled: true,
ttlSeconds: 300,
},
};
// config/mistral/production.ts
import { baseConfig } from './base';
export const productionConfig = {
...baseConfig,
apiKey: process.env.MISTRAL_API_KEY_PROD,
debug: false,
timeout: 60000,
maxRetries: 5,
cache: {
enabled: true,
ttlSeconds: 600,
},
};
// config/mistral/index.ts
import { developmentConfig } from './development';
import { stagingConfig } from './staging';
import { productionConfig } from './production';
type Environment = 'development' | 'staging' | 'production';
const configs = {
development: developmentConfig,
staging: stagingConfig,
production: productionConfig,
};
export function detectEnvironment(): Environment {
const env = process.env.NODE_ENV || 'development';
if (env === 'production') return 'production';
if (env === 'staging' || process.env.VERCEL_ENV === 'preview') return 'staging';
return 'development';
}
export function getMistralConfig() {
const env = detectEnvironment();
const config = configs[env];
if (!config.apiKey) {
throw new Error(`MISTRAL_API_KEY not set for environment: ${env}`);
}
return {
...config,
environment: env,
};
}
Local Development (.env.local)
# .env.local (git-ignored)
MISTRAL_API_KEY_DEV=your-dev-api-key
GitHub Actions (secrets)
# .github/workflows/deploy.yml
jobs:
deploy-staging:
environment: staging
env:
MISTRAL_API_KEY_STAGING: ${{ secrets.MISTRAL_API_KEY_STAGING }}
deploy-production:
environment: production
env:
MISTRAL_API_KEY_PROD: ${{ secrets.MISTRAL_API_KEY_PROD }}
AWS Secrets Manager
# Store secrets
aws secretsmanager create-secret \
--name mistral/production/api-key \
--secret-string "your-api-key"
# Retrieve in code
aws secretsmanager get-secret-value \
--secret-id mistral/production/api-key
import { SecretsManager } from '@aws-sdk/client-secrets-manager';
const sm = new SecretsManager({ region: 'us-east-1' });
async function getMistralApiKey(env: string): Promise<string> {
const { SecretString } = await sm.getSecretValue({
SecretId: `mistral/${env}/api-key`,
});
return SecretString!;
}
GCP Secret Manager
# Store secret
echo -n "your-api-key" | gcloud secrets create mistral-api-key-prod --data-file=-
# Grant access
gcloud secrets add-iam-policy-binding mistral-api-key-prod \
--member="serviceAccount:your-sa@project.iam.gserviceaccount.com" \
--role="roles/secretmanager.secretAccessor"
import { SecretManagerServiceClient } from '@google-cloud/secret-manager';
const client = new SecretManagerServiceClient();
async function getMistralApiKey(env: string): Promise<string> {
const [version] = await client.accessSecretVersion({
name: `projects/my-project/secrets/mistral-api-key-${env}/versions/latest`,
});
return version.payload?.data?.toString()!;
}
// Prevent accidental cross-environment operations
function validateEnvironment(operation: string, requiredEnv: Environment): void {
const currentEnv = detectEnvironment();
if (currentEnv !== requiredEnv) {
throw new Error(
`Operation "${operation}" requires ${requiredEnv} but running in ${currentEnv}`
);
}
}
// Protect production-only operations
function requireProduction(operation: string): void {
validateEnvironment(operation, 'production');
}
// Usage
async function deployModel() {
requireProduction('deployModel');
// Production-only code
}
interface FeatureFlags {
useNewModel: boolean;
enableFunctionCalling: boolean;
maxConcurrentRequests: number;
}
const featureFlags: Record<Environment, FeatureFlags> = {
development: {
useNewModel: true,
enableFunctionCalling: true,
maxConcurrentRequests: 2,
},
staging: {
useNewModel: true,
enableFunctionCalling: true,
maxConcurrentRequests: 5,
},
production: {
useNewModel: false, // Gradual rollout
enableFunctionCalling: true,
maxConcurrentRequests: 10,
},
};
export function getFeatureFlags(): FeatureFlags {
const env = detectEnvironment();
return featureFlags[env];
}
| Issue | Cause | Solution |
|---|---|---|
| Wrong environment | Missing NODE_ENV | Set environment variable |
| Secret not found | Wrong secret path | Verify secret manager config |
| Config validation | Invalid settings | Use Zod schema validation |
| Cross-env leak | Missing guards | Add environment checks |
const config = getMistralConfig();
console.log(`Running in ${config.environment}`);
console.log(`Model: ${config.defaultModel}`);
console.log(`Cache enabled: ${config.cache.enabled}`);
function getVercelEnvironment(): Environment {
const vercelEnv = process.env.VERCEL_ENV;
if (vercelEnv === 'production') return 'production';
if (vercelEnv === 'preview') return 'staging';
return 'development';
}
For observability setup, see mistral-observability.