wrangler deployment overwrites env vars in the worker

I'll take the DEEPSEEK_API_KEY env var as the example. I ran the wrangler secret put command to set all vars and then ran the deploy command. Finally, I went to the Cloudflare worker settings page to check the environment variables, and I found that all the variables and secrets were overwritten by the placeholder values from wrangler.toml. I also tried setting the vars directly in the dashboard, but when I connected my github project to the worker and deployed again for further features, I found that placeholder values from wrangler.toml still would overwrite my environment variables. I found that the docs say we should consider the wrangler.toml as the single source of truth, so I think maybe we should not directly set the env vars in the dashboard, but no matter how we set the env vars, it would finally get overwritten when a new deployment goes. I started to think maybe I should gitignore the wrangler.toml file, but I saw some comments online saying that it is not necessary. I'm so frustrated and confused about this. What exactly is the best practice about this? Could someone share your thoughts and practice? Thx in advance!