{ "info": { "author": "", "author_email": "", "bugtrack_url": null, "classifiers": [ "Development Status :: 4 - Beta", "Intended Audience :: Developers", "License :: OSI Approved :: MIT License", "Operating System :: MacOS :: MacOS X", "Operating System :: Microsoft :: Windows", "Operating System :: POSIX", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6", "Programming Language :: Python :: 3.7", "Programming Language :: Python :: 3 :: Only" ], "description": "# devsecrets: read secrets from environment variables or files\n\n[![Linux build][tci]][tcl]\n[![Windows build][aci]][acl]\n[![Code coverage report][cci]][ccl]\n\n## Why?\n\nIt would be nice if a developer could check out a project and immediately run\nand debug it through their IDE.\n\nFor code that requires sensitive environment variables, you can't have that\nbecause that would entail checking in secrets in run configurations.\n\n## What?\n\ndevsecrets gets you just a little closer to the ideal by letting environment\nvariables point to files containing the sensitive information.\n\nIt doesn't help with creating, securing, or distributing those files.\n\n## How?\n\nInstead of reading `os.environ` directly, use `devsecrets.read_secret()` in your code.\nFor instance, if accessing a `DATABASE_URL` variable:\n```\nfrom devsecrets import read_secret\n\nDATABASE_URL = read_secret('DATABASE_URL')\n```\n\nIn development, set the `DATABASE_URL` environment variable to `@.secrets`.\n\nCreate a `.secrets` file in your project's directory, containing a line like\n```\nDATABASE_URL=\"driver://user:pass@host/dbname\"\n```\n\nHave your version control system ignore your .secrets file.\n\n## What about non-development environments?\n\nEnvironment values that don't begin with the @-symbol are returned as-is by\n`read_secret()`, so if you already have your secrets in environment variables\nin production, there's no need to do anything differently.\n\nIf you do want to use secrets files in production, it probably makes sense\nto point to them with absolute paths.\n\n## Details\n\n### Where exactly does `read_secret()` look for files?\n\nIf the filename is absolute, it is used as is.\n\nOtherwise, `read_secret()` discovers where the code that called it lives and\nstarts there. Then it walks up the path all the way to the root.\n\n### What is the format of the secrets files?\n\nBy example:\n```\n# comment\nKEY1 = \"value\" #comment\nkey-2=\"#not-a-comment\"\n\nkey_3 = \"multiline\\r\\nvalue\"\n\n```\n\nCurrently, values must be quoted.\n\nThis is only because, for reasons of expediency,\na [TOML](https://github.com/toml-lang/toml) parser is used to parse these files.\n\n### Installed code\n\nBeware that how and where your code is installed matters because `read_secrets()`\nconsiders where the calling code lives. If that's in a site-packages\ndirectory under `/usr/lib` or `~/.local/share/virtualenvs` for instance,\nthen a `.secrets` file in `~/projects/myproject` won't be found.\n\nThis is ordinarily not a problem because you install your code with\n`python setup.py install --develop` or `pip install --editable` so you run\nyour code from the same place where you checked it out.\n\n### Installing\n\n```\npip install devsecrets\n```\n\n### Running the tests\n\n```\ntox\n```\n\n## Versioning\n\nWe use [SemVer](http://semver.org/) for versioning [releases](https://github.com/JaGallup/devsecrets/releases). \n\n## License\n\nThis project is licensed under the MIT License - see the [LICENSE.txt](LICENSE.txt) file for details\n\n## Related Projects\n\n[python-dotenv](https://github.com/theskumar/python-dotenv)\n\n\n[tci]: https://travis-ci.org/JaGallup/devsecrets.svg?branch=master\n[tcl]: https://travis-ci.org/JaGallup/devsecrets\n\n[aci]: https://ci.appveyor.com/api/projects/status/github/JaGallup/devsecrets?branch=master&svg=true\n[acl]: https://ci.appveyor.com/api/projects/status/github/JaGallup/devsecrets\n\n[cci]: https://codecov.io/gh/JaGallup/devsecrets/branch/master/graph/badge.svg\n[ccl]: https://codecov.io/gh/JaGallup/devsecrets\n\n\n", "description_content_type": "text/markdown", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/JaGallup/devsecrets", "keywords": "secret,secrets,password,passwords", "license": "", "maintainer": "", "maintainer_email": "", "name": "devsecrets", "package_url": "https://pypi.org/project/devsecrets/", "platform": "", "project_url": "https://pypi.org/project/devsecrets/", "project_urls": { "Homepage": "https://github.com/JaGallup/devsecrets" }, "release_url": "https://pypi.org/project/devsecrets/0.1/", "requires_dist": [ "toml", "pytest-pep8 ; extra == 'dev'", "pytest-cov ; extra == 'dev'", "twine ; extra == 'dev'" ], "requires_python": "", "summary": "Read secrets from environment variables or files", "version": "0.1" }, "last_serial": 4941229, "releases": { "0.1": [ { "comment_text": "", "digests": { "md5": "bdc10e59e083aabd32eb78d055b6ea71", "sha256": "7d1423717cae4f0724cb31e9f0acff3c5d4633dafa425353f2f94f60adc09e07" }, "downloads": -1, "filename": "devsecrets-0.1-py3-none-any.whl", "has_sig": false, "md5_digest": "bdc10e59e083aabd32eb78d055b6ea71", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 4827, "upload_time": "2019-03-14T19:06:28", "url": "https://files.pythonhosted.org/packages/8a/e8/4b60bc2559f6b02cdd48295156e432fa0c8b17e11a608864af0e865d1334/devsecrets-0.1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "b526168a57027656775811febae0af7a", "sha256": "986b18fe60b8cecea3f9d6d7a0517722aaf23ca4f481494f08ae311ca6667e48" }, "downloads": -1, "filename": "devsecrets-0.1.tar.gz", "has_sig": false, "md5_digest": "b526168a57027656775811febae0af7a", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 4048, "upload_time": "2019-03-14T19:06:30", "url": "https://files.pythonhosted.org/packages/a8/e1/2c3bf0fd76fef84ce828c6c8613c3b6149039a28929c10aac7581e3ad74f/devsecrets-0.1.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "bdc10e59e083aabd32eb78d055b6ea71", "sha256": "7d1423717cae4f0724cb31e9f0acff3c5d4633dafa425353f2f94f60adc09e07" }, "downloads": -1, "filename": "devsecrets-0.1-py3-none-any.whl", "has_sig": false, "md5_digest": "bdc10e59e083aabd32eb78d055b6ea71", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 4827, "upload_time": "2019-03-14T19:06:28", "url": "https://files.pythonhosted.org/packages/8a/e8/4b60bc2559f6b02cdd48295156e432fa0c8b17e11a608864af0e865d1334/devsecrets-0.1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "b526168a57027656775811febae0af7a", "sha256": "986b18fe60b8cecea3f9d6d7a0517722aaf23ca4f481494f08ae311ca6667e48" }, "downloads": -1, "filename": "devsecrets-0.1.tar.gz", "has_sig": false, "md5_digest": "b526168a57027656775811febae0af7a", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 4048, "upload_time": "2019-03-14T19:06:30", "url": "https://files.pythonhosted.org/packages/a8/e1/2c3bf0fd76fef84ce828c6c8613c3b6149039a28929c10aac7581e3ad74f/devsecrets-0.1.tar.gz" } ] }