Google App Engine and Python: a correct way to store configuration variables
When you develop an application, often you could need to store some configurations. This data can contain a lot of sensitive informations, and this is a critical point if your sourcecode is hosted on a GitHub repository.
In fact, a lot of unwanted dataleaks starts with a commit that contains accidentally a configuration file, and a lot of simple tools developed for search this leaks are available (such us gittyleaks).
So, is my opinion that, also in development stage, a good practice should be to store configuration data into a database/datastore.
Recently i've worked on a telegram bot, hosted on Google App Engine and developed in Python.
A basic practice to store configuration data may be to store that on app.yaml as environment variables, in this way:
env_variables: TELEGRAM_TOKEN: 'YOUR TOKEN'
Then these variables will be available in the os.environ dictionary.
But, like I said, in not a good method in terms of security, and storing configurations into a datastore should be a better practice.
Below the brief code snippet i use for storing configurations:
from google.appengine.ext import ndb
class Settings(ndb.Model):
name = ndb.StringProperty()
value = ndb.StringProperty()
@staticmethod
def get(name):
NOT_SET_VALUE = "NOT SET"
retval = Settings.query(Settings.name == name).get()
if not retval:
retval = Settings()
retval.name = name
retval.value = NOT_SET_VALUE
retval.put()
return retval.value
Your application would do this to get a value:
TELEGRAM_TOKEN = Settings.get('TELEGRAM_TOKEN')
If there is a value for that key in the datastore, you will get it.
If there isn't, a placeholder record will be created: simply go to the Developers Console and update the placeholder record.
That's all folks!
References and further readings