stackoom
  简体   繁体   中英

Django Settings and GitHub Action Secrets

 原文  2020-05-31 19:29:35       python/ django/ github/ django-settings/ building-github-actions

Question

I have a Django project and am using a Postgres database. I want to figure out a simpler way to store my credentials locally and on Github so that I can run tests in both places but where none of my sensitive info is in the git repo.

Even though the database only exists on my computer (and the Github test database only exists for about a minute at a time on GitHub) I want to use the best practice possible for SECRETS so when I do go live, I am all set.

Currently, the only sensitive data I have is database passwords. Here is how I am keeping my real passwords out of GitHub.

settings.py (in Git): 

VAR_1='abc'
VAR_2 = '123'

#DOES NOT INCLUDE DATABASE CONFIG

VAR_3 = 'efg'

# Add settings from local file into main settings
try:
    from .localsettings import *
except ImportError:
    import sys
    print('localsettings not defined.')

localsettings.py (not in Git): 

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql_psycopg2',
        'NAME': 'real-db-name',
        'USER': 'real-user',
        'PASSWORD': 'real-password',
        'HOST': 'localhost',
        'PORT': '',
    }
}

testsettings.py (in Git): 

# import main settings and then overright certian values
try:
    from .settings import *
except ImportError:
    import sys
    print('settings not defined.')

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql_psycopg2',
        'NAME': 'github-db-name',
        'USER': 'github-db-user',
        'PASSWORD': 'github-user-password',
        'HOST': 'localhost',
        'PORT': '',
    }
}

With this setup I can run test normally locally python manage.py test but when I run them on Github I have to use python manage.py test --settings=path.to.testsettings

Is there a way to store secrets locally similar to the way GitHub does so that I can just have one settings file and it will work locally and on GitHub?

1 answers

solution1
 0  2020-10-05 05:47:53

I would consider passing the secrets to Django config file from environment variables. https://django-environ.readthedocs.io/en/latest/

Then you have only to pass env variable with secrets to running container in Github actions.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to access GitHub action secrets with python? Managing django secrets Github ssh-action configuration to deploy changes in django application GitHub action couldn't find environment variable for Django How to access environment secrets from a Github workflow? GitHub workflow for automating Python script with secrets not working Is it safe to pass GitHub Secrets as an argument to a python code? Django settings Storing client secrets on Django app on App Engine Dynaconf overwrites sections at settings.toml with .secrets.toml
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM