Encrypt credentials/Django settings to store in repositories
Project description
encrypted-credentials encrypts credentials to allow them to be securely added to git repositories.
It can import encrypted settings into Django defined in a python module and or a json file. Encrypted files are automatically generated.
Django settings
example
PRIVATE_settings.py
File stored in folder with django settings.py file
private_settings = {
"AWS_ACCESS_KEY_ID":"ABCDEFGHIJKLMNOP",
"AWS_SECRET_ACCESS_KEY":"ABCDEFGHIJKLMNOP"
}
settings.json
File stored in folder with django settings.py file
{
"AWS_ACCESS_KEY_ID":"ABCDEFGHIJKLMNOP",
"AWS_SECRET_ACCESS_KEY":"ABCDEFGHIJKLMNOP"
}
settings.py
from encrypted_credentials.django_credentials import add_encrypted_settings
add_encrypted_settings(globals())
Upon first execution a PRIVATE_KEY.env file will be generated with a random encryption key. DO NOT check this into repository. if PRIVATE_settings.py does not exist it will generate a template module.
set environment variable
export SETTINGS_KEY=FQQcgYWCBPE8l8IbHdcNie0WARbYHeFwCl4hIL3ecF0=
- If the
settings.jsonfile exists andsettings.json.encdoes not exist thensettings.json.encwill be created.(development) - If
settings.jsonandsettings.json.encexist then they will be compared and if differentsettings.json.encwill be overwritten.(development) - If
settings.jsondoes not exist thensettings.json.encwill be used (production)
settings.json.enc and or PRIVATE_settings.enc can be checked into git as it is encrypted with Fernet AES128 encryption
Credential files
get_decrypted_file will automatically encrypt the original file and supply the decrypted data
from encrypted_credentials.encrypted_file import get_decrypted_file
get_decrypted_file('full_path/orginal.pem')
original.pem.enc can be checked into a repository
Credential files with Django
By default environment variable SETTINGS_KEY will be used as key
settings.py
CREDENTIAL_FOLDER = os.path.join(BASE_DIR, 'credentials')
CREDENTIAL_FILES = {
'gmail': 'service-account-abcd.json',
'drive': 'service-account-efgh.json',
}
service-account-abcd.json.enc
usage
from encrypted_credentials.django_credentials import get_credentials
credentials = get_credentials('gmail')
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file encrypted-credentials-0.0.4.tar.gz.
File metadata
- Download URL: encrypted-credentials-0.0.4.tar.gz
- Upload date:
- Size: 4.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/51.0.0 requests-toolbelt/0.9.1 tqdm/4.50.0 CPython/3.8.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 690fd4bb324d7cfb7b3fdff20e5c65e55d8bbab2790a6f6c9006707c8cfa9d6e |
|
| MD5 | 6d7cea3d1c3b44cb0901b856e9b90352 |
|
| BLAKE2b-256 | 7a61b78480984393a0e5e96f1d01294ddcd491e825422f0a32eb250d20e3b2cc |
File details
Details for the file encrypted_credentials-0.0.4-py3-none-any.whl.
File metadata
- Download URL: encrypted_credentials-0.0.4-py3-none-any.whl
- Upload date:
- Size: 5.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/51.0.0 requests-toolbelt/0.9.1 tqdm/4.50.0 CPython/3.8.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | f6df51c52b7a36d7f0bc65f8adfd04c960b5d5eb10899875cc17806b5ad38ebf |
|
| MD5 | b5bf6c9aebeb1c1644ad158bec3a61d7 |
|
| BLAKE2b-256 | 491e15cf6ffe05bb3700affe1b3ff5fa52179cf54018a5f34705af7d8367f6a8 |
