Initial Implementation #1
Conversation
|
Hey I'd love to use this library - it's especially useful for AWS Lambda functions. Any word on when this PR might be merged? |
|
I'd love to see this merged. My org is eager to use dotenvx for Lambda |
| encoding = encoding) | ||
|
|
||
| env_keys_values = dotenv.dotenv_values('.env.keys') | ||
| dotenv_private_key = env_keys_values['DOTENV_PRIVATE_KEY'] |
There was a problem hiding this comment.
Since .env.keys should be .gitignored, can we assume os.environ['DOTENV_PRIVATE_KEY'] is already set correctly and use it?
|
hi everyone, this is great BUT any reason you're not just using dotenvx via the binary install? That should work for lambda @Lfooligan, right? Or use python and node together on a lambda and use the npm dotenvx? background: this repo was originally a placeholder with the intention to add a light python wrapper around native extensions. Similar to like |
|
In support of implementing this library: I ended up writing my own version of this PR in order to "natively" use dotenvx without relying on the binary. It greatly improved the portability of our application in CI, local workflows, etc, while allowing us to take advantage of better secrets management through dotenvx. Counterpoint: This solution was not easy to discover, though (I couldn't find this via googling and had to ask JetBrains support). In conclusion: it was quicker/easier to implement and use this library than go digging for a way to properly use the binary in PyCharm. So, at least for my use case, this library would have been helpful. |
|
@motdotla For our containerized apps/services running on Kubernetes we use the binary library and it works great! We currently run/deploy non-containerized Lambdas (i.e. plain ole' zip files) and I'm not actually sure how to shove the binary in there and override the handler function to use it. Do you have some documentation available we could follow? Edit: I'm assuming the binary route would require all developers to be on the same CPU architecture - we have a mix of Apple Silicon (arm64) and legacy Intel, and I believe our Lambdas are running on x86_64. |
I'll try to put that together this week.
They can be on a mix. We publish binaries for all the major architectures: https://dotenvx.com/docs/stats Just use the same |
|
Update on my end: I ended up experimenting with migrating one of our Lambda services to be containerized, this way I could install the binary and use it by overriding the entrypoint/cmd that Lambda invokes. However, we use Localstack for local development and now realize I cannot test/deploy containerized lambdas locally without a Localstack Pro subscription (ECR is locked behind it and it's minimum 35$ / month / per developer). So back to the zip approach, I suppose. |
@Lfooligan I have a solution for this now - just trying to tighten it up so it is very straightforward and documented on the docs site. I'll post here soon.
starting here by wrapping the binary and including a postinstall script. i'm not ready to commit to the ongoing effort of this being rewritten fully idiomatically. i do think it will be reasonably doable at a later time by doing a mix of mirroring filenames from dotenvx and automated migration to python using some ai tooling and then human managed PR reviewing, but i don't want to set up those systems yet. getting pro out of beta is my priority at the moment. |
|
@Lfooligan here's documentation on using python-dotenvx with aws-lambda |
Summary
This PR implements the
load_dotenvx()function, which extends the existingload_dotenv()functionality to decrypt any encrypted environment variables before injecting them intoos.environ.Changes Made
load_dotenvx()function insrc/dotenvx/main.py.python-dotenvfor existing dotenv loading logic.Usage Example