As beginner software developers, we often come accross term "environment variables". In this blog post, I will try to explain what are environment variables and how you can manage them in your Python project dev environment. Let's get started.
Note: The blog follows Ubuntu workflow which can be easily replicated in MacOS/Windows with slight variations.
What are environment variables?
A quick google search will land you up to this definition of environment variables from Wikipedia,
An environment variable is a dynamic-named value that can affect the way running processes will behave on a computer. They are part of the environment in which a process runs.
Think of environment variables as system-wide variables which may store location or values of resources held by the system. Environment variables can be system defined as well as user defined too.
If you are using MacOS/Linux open your terminal and run command,
$ printenv
which will quickly show you all environment variables present in your system. These are some resource values which are used by programs running on your system.
What is the use of environment variables?
While developing our projects, our projects can contain various confidential information which can not be made public to prevent integrity violation of our app. For example, if you have used Django you may know about secret key it uses for signing session cookies which is fundamental to application security. Secret keys/signatures are used while dealing with JWT tokens in web authorisation paradigm which should stay confidential.
These values should not be stored in codebase or program files as they might end up getting checked/committed into version control systems which poses a threat to system integrity.
In a production environment these varibles are set on the system/server running the app instance. We can set up these variables as environment variables in our local development system but it is an unnecessary hassle and can be avoided.
What is the way around?
There are various ways to managing environment variables in local development environment. Here, I will display one of the methods.
- Create a .env file and store your secrets in it.
- Include .env in your .gitignore to prevent it from getting checked into your version control system.
- An example .env file might look like this:
ALGORITHM=HS256
SECRET_KEY=fajhfkaheufahfjbavaeua26472647yhf93h84go84g7fefaefavaegaebartttb
ACCESS_TOKEN_EXPIRE_MINUTES=30
- Now we need a way to access these values in our Python program files. Here, we are going to use a Python library called Pydantic to manage our enviroment variables.
- Go ahead and install "Pydantic" library by executing command
pip install pydantic
. - Create a file called
config.py
. - Inside
config.py
import BaseSettings from pydantic library and create a classSettings
which inherits fromBaseSettings
. - Inside this class, type out the environment variable name and their datatype with a : in between.
- Create a class inside class Settings with name
Config
and define a variable calledenv_file = ".env"
which stores the name of your file containing values of secrets we created earlier. -An exampleconfig.py
file would look like this:
from pydantic import BaseSettings
class Settings(BaseSettings):
secret_key: str
algorithm: str
access_token_expire_minutes: int
class Config:
env_file = ".env"
settings = Settings()
- You can also define a default values for these parameters too. Example:
access_token_expire_minutes: int = 30
- Instantiate the class Settings as shown in example above.
- Now open the file which contains requires these secret values and import this
settings
object in that file by typingfrom .config import settings
. - Now we can assign values of the variables as :
ALGORITHM = settings.algorithm
- Similarly do this for all other variables present in your project.
- You are done! Voila!
You have successfully avoided pushing your project secrets to version control system and have setup your local development enviroment without messing your OS installation.
Do leave a thumbs up if this was helpful. Suggestions are always welcome! Thanks for reading.
Top comments (0)