Boris Quiroz

Using YAML to manage Python configurations

On my last weekend project I needed to talk to an API using an AUTH_KEY, which should be private but should be included in the request instead of using any auth method.

The request I needed to run was:

requests.get('https://<URL>/<SOMETHING>/<SOMETHING_ELSE>.json/?auth_key=YOUR_AUTH_KEY')

So I decided to use PyYAML, and it's very easy to use! Here's a short example of the Python file:

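import json

import requests
import yaml

# Read the private settings from config.yml, which stays out of the repository.
# FullLoader is what this post uses; yaml.safe_load is enough for plain key/value config.
with open('config.yml', 'r') as file:
    cfg = yaml.load(file, Loader=yaml.FullLoader)

# The key comes from the config file instead of being hard-coded in the source
url = 'https://<URL>/<SOMETHING>/<SOMETHING_ELSE>.json/?auth_key=' + cfg['auth']['key']
request = requests.get(url)

# then, everything else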

Then, the config.yml is something like this:

auth:
  key: MY_AUTH_KEY

And now I can have my config.yml stored only on my laptop or, even better, in some secret place like a vault or something, but not publicly accessible to anybody on GitHub.
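
An added example, not code from the original post: a loader for the same config.yml layout that uses yaml.safe_load (the option raised in the comments), refuses a file that other local users can read, and validates auth.key before use. The AUTH_KEY environment variable name and the ConfigError class are assumptions made for this example.

```python
import os
import stat
import tempfile

import yaml


class ConfigError(Exception):
    """The config file is unsafe to use or malformed."""


def load_auth_key(path, env_var="AUTH_KEY"):
    """Return the key from env_var (a name assumed here) or from auth.key in path."""
    key = os.environ.get(env_var)
    if key:  # an exported variable takes precedence over the file
        return key
    # Refuse a file that group or other local users can access (POSIX mode bits).
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise ConfigError(f"{path} has mode {mode:o}; expected 600")
    with open(path, "r", encoding="utf-8") as fh:
        try:
            # safe_load builds only plain types (dict, list, str, int, ...);
            # Python-specific tags such as !!python/tuple are rejected.
            cfg = yaml.safe_load(fh)
        except yaml.YAMLError as exc:
            raise ConfigError(f"{path}: rejected by safe_load: {exc}") from exc
    # Validate the layout the post uses: auth -> key.
    try:
        key = cfg["auth"]["key"]
    except (KeyError, TypeError) as exc:
        raise ConfigError(f"{path} must contain auth.key") from exc
    if not isinstance(key, str) or not key:
        raise ConfigError("auth.key must be a non-empty string")
    return key


if __name__ == "__main__":
    # Constructed sample config, written with owner-only permissions by mkstemp.
    fd, sample = tempfile.mkstemp(suffix=".yml")
    with os.fdopen(fd, "w") as fh:
        fh.write("auth:\n  key: CONSTRUCTED_SAMPLE_KEY\n")
    os.environ.pop("AUTH_KEY", None)
    print(load_auth_key(sample))
    os.remove(sample)
```

Listing config.yml in .gitignore keeps the file out of commits in the first place.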

Enjoy.

Top comments (8)

kaharo

Thanks for sharing this.
How does this compare to saving the key under environment settings and accessing it via os.environ.get()?
I'm just wondering if it's more secure?
Thanks

Boris Quiroz

That env vars can be seen (and (personal opinion) I think it's more structured).

Juan Carlos
Jason Held

That's true, though some of it can be avoided via safe load.

Juan Carlos

Even if everything works perfectly,
YAML parsers tend to be big, bulky and slow compared to parsers of simpler formats.
You can even use CSON if you don't want brackets and semicolons, etc.,
and it's still simpler than YAML to parse.

miniscruff • Edited

Pydantic has a nice BaseSetting module that works with environment variables that I would recommend. Combo that with python-dotenv for file-based loading.

Jason Held

Why full loader?

Blaise Pabon • Edited

Could you add an example of

in some secret place like a vault or something but not publicly accessible to anybody in GitHub

where we can avoid leaking secrets into git?