Managing Settings and Secrets for Different Environments
00:00 Managing Settings and Secrets for Different Environments. Most applications require different settings for each environment to do things such as enabling debugging features or pointing to different databases.
Here the configuration is loaded from one of the previously defined classes in
config.py. The specific configuration class will depend on the value stored in the
APP_SETTINGS environment variable. If the variable is undefined, the configuration will fall back to
DevelopmentConfig by default.
The message was modified to show the secret key obtained by
app.config.get(). You don’t typically display sensitive information as part of your responses. This is just an example to show how you can read these values.
02:47 After setting the environment variable, run the application and navigate to the address seen on-screen. You should see the message The configured secret key is key-read-from-env-var, as seen on-screen.
If the variable wasn’t set, then you’d see the message on-screen now. Next, commit the changes and push them to the staging environment by running the command seen on-screen. First the changes to
config.py are added, and then a commit is created.
03:24 Finally, these changes are pushed to the staging environment. This triggers a new build and deployment process. Before proceeding, you can customize the environment variables for this environment using a Heroku CLI.
04:16 Using Heroku CLI, you can also get the values of the environment variables for any app. On-screen, you’ll see the command that gets all the environment variables set for the staging environment from Heroku.
Once more, you can verify the changes were deployed by going to the production URL and checking that the page shows The configured secret key is the-production-key. In this section, you’ve learned how to use a different configuration for each environment and also how to handle sensitive settings using environment variables—an important skill to have, as this means sensitive data doesn’t end up in your public repositories. Remember, of course, in real-world applications, you wouldn’t expose sensitive information like
Become a Member to join the conversation.