A library that offers a simple method of loading and accessing environmental variables and `.env` file values.
Project description
secretbox
A library that offers a simple method of loading and accessing environmental variables, .env
file values, and other sources of secrets. The class stores values to state when load methods are called.
Loaded values are also injected into the local environ. This is to assist with adjacent libraries that reference os.environ
values by default. Required values can be kept in a .env
file instead of managing a script to load them into the environment.
Requirements
- Python >= 3.6 <= 3.9
Optional Dependencies
- boto3
- boto3-stubs[secretsmanager]
Install
$ pip install secretbox
Optional AWS Secret Manager support
$ pip install secretbox[aws]
Example use
from secretbox.loadenv import LoadEnv
secrets = LoadEnv()
def main() -> int:
"""Main function"""
secrets.load()
my_sevice_password = secrets.get("SERVICE_PW")
# More code
return 0
if __name__ == "__main__":
exit(main())
Default Behavior: (shown above)
- On initialization the
LoadEnv()
class does nothing. By calling.load()
we cause the class to load all the currently available environ variables. It also looks for and loads, if found, a.env
file in the working directory. From there we can access those values with.get("KEY_NAME")
.
LoadEnv arguments:
LoadEnv(filename: str = ".env", aws_sstore_name: Optional[str] = None, aws_region: Optional[str] = None, auto_load: bool = False)
filename
- You can specify a
.env
formatted file and location, overriding the default behavior to load the.env
from the working directory
aws_sstore_name
- When provided, an attempt to load values from named AWS secrets manager will be made. Requires
aws_region
to be provided. Requiresboto3
andboto3-stubs[secretsmanager]
to be installed
aws_region
- When provided, an attempt to load values from the given AWS secrets manager found in this region will be made. Requires
aws_sstore_name
to be provided. Requiresboto3
andboto3-stubs[secretsmanager]
to be installed
auto_load
- If true, the
load()
method will be auto-exectued on initialization
Load Order
Secret values are loaded, and over-written if pre-existing, in the following order:
- Local environment variables
.env
file- AWS secret store [optional]
LoadEnv methods:
.get("[Key Name]")
- Returns the string value of the loaded value by key name. If the key does not exist, an empty string will be returned
""
. Note: This method pulls from the class instance's state copy of loaded value.
.load()
- Runs all importer methods. If optional dependencies are not installed, e.g. boto3, the importer is skipped.
.load_env_vars()
- Loads all existing
os.environ
values into state.
.load_env_file()
- Loads
.env
file or any file provided with thefilename
argument on initialization.
.load_aws_store()
- Loads secrets from AWS secret manager. Requires
aws_sstore_name
andaws_region
to have been provided. Will raiseNotImplementedError
if library requirements are missing.
.env
file format
Current format for the .env
file supports strings only and is parsed in the following order:
- Each seperate line is considered a new possible key/value set
- Each set is delimted by the first
=
found - Leading and trailing whitespace are removed
- Matched leading/trailing single quotes or double quotes will be stripped from values (not keys).
I'm open to suggestions on standards to follow here.
This .env
example:
# Comments are ignored
KEY=value
Invalid lines without the equal sign delimiter will also be ignored
Will be parsed as:
{"KEY": "value"}
This .env
example:
PASSWORD = correct horse battery staple
USER_NAME="not_admin"
MESSAGE = ' Totally not an "admin" account logging in'
Will be parsed as:
{
"PASSWORD": "correct horse battery staple",
"USER_NAME": "not_admin",
"MESSAGE": ' Toally not an "admin" account logging in',
}
Local developer installation
It is highly recommended to use a venv
for installation. Leveraging a venv
will ensure the installed dependency files will not impact other python projects.
The instruction below make use of a bash shell and a Makefile. All commands should be able to be run individually of your shell does not support make
Clone this repo and enter root directory of repo:
$ git clone https://github.com/Preocts/secretbox
$ cd secretbox
Create and activate venv
:
$ python3 -m venv venv
$ . venv/bin/activate
Your command prompt should now have a (venv)
prefix on it.
Install editable library and development requirements:
(venv) $ pip install -r requirements-dev.txt
(venv) $ pip install --editable .[aws,tests]
Run tests
(venv) $ tox
To exit the venv
:
(venv) $ deactivate
Makefile
This repo has a Makefile with some quality of life scripts if your system supports make
.
update
: Clean all artifacts, update pip, update requirements, install everythingclean-pyc
: Deletes python/mypy artifactsclean-tests
: Deletes tox, coverage, and pytest artifactsbuild-dist
: Build source distribution and wheel distribution
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file secretbox-1.2.0.tar.gz
.
File metadata
- Download URL: secretbox-1.2.0.tar.gz
- Upload date:
- Size: 6.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.4.1 importlib_metadata/4.3.1 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.61.0 CPython/3.8.10
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | e96fe2b70adcc157cedc18b6123dd6d8fe6ec9d714b40eb90cf67f5eca563fd9 |
|
MD5 | b5cd2aedd91c57a52637c3a91a723232 |
|
BLAKE2b-256 | b9673927afba691b946e7fa554ac88072dfd2e3b9489c2ef932677cd775ba33d |
File details
Details for the file secretbox-1.2.0-py3-none-any.whl
.
File metadata
- Download URL: secretbox-1.2.0-py3-none-any.whl
- Upload date:
- Size: 6.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.4.1 importlib_metadata/4.3.1 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.61.0 CPython/3.8.10
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 8318b43ba58f103e2debe59485f1744644a44545d2e35e87572e66a12df0d5b3 |
|
MD5 | 4e75e6caf68696fbed53c4b0b1c7db61 |
|
BLAKE2b-256 | 526c56b03c46a7081cd87c6a4278acc1f4567f45173484a2f3a78a9d23763df6 |