Load YAML configs with environment variables interpolation
Project description
Piny
YAML configs loader with environment variables interpolation for Python.
Keep your app’s configuration in YAML file with sensitive data marked as environment variables. Put sensitive data into environment variables. Then let piny interpolate the variables on YAML loading.
Rationale
Piny combines YAML config’s readability, versioning, and environment variable’s security. Read more in the blog post.
Installation
Install using pip install -U piny.
Usage
Set your environment variables, add them to your YAML configuration file:
db:
login: user
password: ${DB_PASSWORD}
mail:
login: user
password: ${MAIL_PASSWORD:-my_default_password}
sentry:
dsn: ${VAR_NOT_SET}Then load your config:
from piny import YamlLoader
config = YamlLoader(path="config.yaml").load()
print(config)
# {'db': {'login': 'user', 'password': 'my_db_password'},
# 'mail': {'login': 'user', 'password': 'my_default_password'},
# 'sentry': {'dsn': None}}You may want to discourage Bash-style envs with defaults in your configs. In such case, use a StrictMatcher:
from piny import YamlLoader, StrictMatcher
config = YamlLoader(path="config.yaml", matcher=StrictMatcher).load()Both strict and default matchers produce None value if environment variable matched is not set in the system (and no default syntax used in the case of default matcher).
Best practices
Maintain healthy security/convenience balance for your config
Mark up entity as an environment variable in your YAML if and only if it really is a secret (login/passwords, private API keys, crypto keys, certificates, or maybe DB hostname too? You decide)
Once config is loaded by Piny validate it using your favourite validation tool (some integrations are coming in the future releases)
Store your config files in the version control system along with you app’s code.
Environment variables are set by whomever is responsible for the deployment. Modern orchestration systems like Kubernetes make it easier to keep envs secure (see Kubernetes Secrets).
Fun facts
Piny is a recursive acronym for Piny Is Not YAML. Not only it’s a library name, but also a name for YAML marked up with environment variables.
CHANGELOG
v0.3.0 (2019-06-09)
README.rst extended with Rationale and Best practices sections (#5) by @pilosus
v0.2.0 (2019-06-09)
StrictMatcher added (#3) by @pilosus
v0.1.1 (2019-06-07)
CI/CD config minor tweaks
README updated
v0.1.0 (2019-06-07)
YamlLoader added
Makefile added
CI/CD minimal pipeline added
v0.0.1 (2019-06-07)
Start the project
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file piny-0.3.0.tar.gz.
File metadata
- Download URL: piny-0.3.0.tar.gz
- Upload date:
- Size: 5.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/41.0.1 requests-toolbelt/0.9.1 tqdm/4.32.1 CPython/3.7.1
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a8c95032ef6dcbf6d499019f1fe6a056ce24bd373c394dc616f67f28cb6e8c5a
|
|
| MD5 |
0ebb1f728890f4b35e12a272c4e3f995
|
|
| BLAKE2b-256 |
e797d9dda7e23f0781a6daa225cbaf2b01b6d2b771fd67216e2014a4ef3d9495
|
File details
Details for the file piny-0.3.0-py3-none-any.whl.
File metadata
- Download URL: piny-0.3.0-py3-none-any.whl
- Upload date:
- Size: 4.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/41.0.1 requests-toolbelt/0.9.1 tqdm/4.32.1 CPython/3.7.1
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b9a83528ab4cb900c403a7b060a1aa416e7562c0d54fb96c19d1326322bad82c
|
|
| MD5 |
612500e55705a3ff0aa3c3f96a705835
|
|
| BLAKE2b-256 |
6be28bc3b8078b31f629e4ffbb88eafe316b9a3a5fc0b43fd62e14a55a04aff1
|
