settings parses command line and environment variables on one line. And makes it available throughout the code base. Making using settings in your project as boring and unimportant as it should be. settings vars is as simple as:
settipy.set("FOO", "default value", "help text")
getting vars out has the same level of complexity as setting the value.
settipy["FOO"]
Settipy offers a range of convenient features to help manage configuration settings, such as environment variables and command-line arguments. Here are some of the main features provided by Settipy:
-
Unified access to environment variables and command-line arguments: Settipy allows you to access and manage both environment variables and command-line arguments through a single, consistent interface, making it easier to work with these configuration settings.
-
Default values and descriptions: Settipy allows you to define default values and descriptions for configuration settings, ensuring that your application always has a fallback value and making it easier for other developers to understand the purpose of each setting.
-
Encrypted storage: Settipy provides a secure method for storing sensitive information such as passwords, using a secret splitting technique that divides the data into two separate parts. This method ensures that an attacker would need access to both the process arguments and environment variables to reconstruct the full password, reducing the risk of unauthorized access.
-
Flexible parsing: Settipy can be used to parse a wide range of data types, including integers, floats, booleans, and strings. This makes it suitable for various use cases and simplifies the process of working with different types of configuration settings.
-
Easy integration: Settipy is designed to be easy to integrate into your existing projects. Simply import the library and start using it to manage your configuration settings without any complex setup.
-
Platform independence: Settipy is compatible with both Unix and Windows systems, ensuring that your configuration settings can be managed consistently across different platforms.
example of how to use. More can be found in the example_project
settipy.set("FOO", "default value", "handy help text")
settipy.parse()
print("foo = ", settipy["FOO"])
The above go will produce program that can be used as follows. get handy help text set in the above example on the same line. This can get very handy when the project grows and is used in different environments
$ python example.py --help
Usage of example.py:
-FOO string
handy help text (default "default value")
When no value is given, default value is used
$ python example.py
foo = default value
Running the binary with command line input
$ python example.py -FOO bar
foo = bar
Running the binary with environment variable
$ FOO=ok;python example.py
foo = ok
variables are set with preference variables on the command line will have highest preference. This because while testing you might want to override environment The priority order is as follows
- Command line input
- Environment variables
- Default values
settipy supports different types. It's possible to use the method "get". But to be more clear to the reader of the code you can add the type e.g "get_bool".
// string
settipy.set("FOO", "default", "help text")
settipy["FOO"]
// integer
settipy.set_int("FOO", 42, "help text")
settipy["FOO"]
// boolean
settipy.set_bool("FOO", True, "help text")
settipy["FOO"]
// list
settipy.set_list("FOO", [1, 2, 3], "help text", sep=".")
settipy["FOO"]
dic = {
"foo": ["bar",],
"foo1": ["bar1", "bar2"]
}
settipy.set_dict("foodict", dic, "dict with lists", item_sep=";", key_sep=";", sep=",")
settipy["foodict"]
settipy supports different types.
// string
settipy.set("foshure", True, "handy message", should=True)
flag: foshure handy message: should be set
Run the variables that are set before your programs runs, this can help with debugging or in production.
It's possible to hide variables with setting password=True
Either run the program with --settipy-verbose
as cli argument or settipy.parse(verbose=True)
Why use Settipy's encryption feature?
While dedicated security solutions such as Vault provide more comprehensive protection, they can time-consuming or to complex for simple app. This can lead to situations where security is neglected or postponed. Settipy's encryption offers a significantly more secure method of storing sensitive information compared to storing it in plaintext. In some scenarios, this secret splitting technique can provide an adequate level of security, making it a practical and accessible choice for developers. By dividing a password or other sensitive data into two separate parts, Settipy ensures that an attacker would need access to both the process arguments and environment variables to reconstruct the full password. This approach effectively reduces the risk of unauthorized access and presents a user-friendly solution for securing sensitive data in your application.
- No plaintext storage: Sensitive information is divided into separate parts, ensuring that no plaintext version of the data is stored in any file or memory location.
- Enhanced security: Storing parts of sensitive data in different locations makes it more difficult for attackers to access the full password or sensitive data, as they would need to compromise both the environment variables and command-line arguments.
- Simple and Fast to implement
Run the following command to get a prompt for your password.
python3 settipy.py --settipy-mode generate
Password:
cli: wNn30Cp3tJPNVvm4OsNYUr42BjY0pRSm
env: a55aae783460f836f8d43c507e9190defc612a930fda9cfd4d
python3 settipy.py -settipy-mode decrypt -settipy-key wNn30Cp3tJPNVvm4OsNYUr42BjY0pRSm -settipy-input a55aae783460f836f8d43c507e9190defc612a930fda9cfd4d
Store the env value in your environment
export DBPASS=wNn30Cp3tJPNVvm4OsNYUr42BjY0pRSm
Run your application
python main.py --DBPASS=wNn30Cp3tJPNVvm4OsNYUr42BjY0pRSm
Example of main below
from settipy import settipy
settipy.set(
flag_name="DBPASS",
default="test pass",
message="secret for the database",
encrypted=True,
)
settipy.parse()
password = settipy.get_encrypted("DBPASS")
$ pip install settipy
- Add Typing
- Use logging
- Add to Readme features such as 'should_if', 'options'.
- Add options that are available to user, when input is not part of options.
MIT