loading...

Using YAML to manage Python configurations

boris profile image Boris Quiroz ・1 min read

On my last weekend project I needed to talk to an API using an AUTH_KEY which should be private but should be included in the request instead of using any auth method.

The request I needed to run was:

requests.get('https://<URL>/<SOMETHING>/<SOMETHING_ELSE>.json/?auth_key=YOUR_AUTH_KEY')

So I decided to use pyyaml, and it's very easy to use! Here's a short example of the python file

import json
import yaml

file = open('config.yml', 'r')
cfg = yaml.load(file, Loader=yaml.FullLoader)

url = 'https://<URL>/<SOMETHING>/<SOMETHING_ELSE>.json/?auth_key=' + cfg['auth']['key']
request = requests.get(url)

# then, everything else

Then, the config.yml is something like this:

auth:
  key: MY_AUTH_KEY

And not I can have my config.yml stored only in my laptop or, even better, in some secret place like a vault or something but not publicly accessible to anybody in GitHub.

Enjoy.

Discussion

pic
Editor guide
Collapse
bespokejamaa profile image
kaharo

Thanks for sharing this.
How does this compare to saving the key under environment settings and accessing it via os.environ.get() ?
Am just wondering if it's more secure ?
Thanks

Collapse
boris profile image
Boris Quiroz Author

that env vars can be seen (and (personal opinion) I think it's more structured)

Collapse
juancarlospaco profile image
Collapse
jheld profile image
Jason Held

That's true though some of it can be avoided via safe load.

Collapse
juancarlospaco profile image
Juan Carlos

Even if everything works perfectly,
YAML parsers tend to be big bulky and slow compared to parsers of simpler formats,
you can even use CSON if you dont want brackets and semicolons, etc
and still more simpler than YAML to parse.

Collapse
miniscruff profile image
miniscruff

Pydantic has a nice BaseSetting module that works with environment variables that I would recommend. Combo that with python-dotenv for file based loading.

Collapse
jheld profile image
Jason Held

Why full loader?

Collapse
blaisesumo profile image
Blaise Pabon

Could you add an example of

in some secret place like a vault or something but not publicly accessible to anybody in GitHub

where we can avoid leaking secrets into git ?