Environment variables let rosepy securely access your API credentials without you needing to hardcode them in a script. Environment variables are named values that your system or runtime environment stores, such as API keys, database URLs, or configuration options. Programs like rosepy read these values at runtime so your sensitive information never has to appear directly in your code or version control.
ROSEPY_API_KEY_ID=QRbbAlMJka...
ROSEPY_API_KEY_SECRET=Dt9c1vTJLM...If you need an API key, see this article for Creating an API key and secret.
Why Use Them?
- Security: Keeps your API credentials out of scripts and Git repositories.
- Consistency: You can use the same code across machines or servers without changing hardcoded credentials.
- Flexibility: Works across local machines, cloud environments, containers, and most IDEs.
Common Ways to Set Environment Variables
There are several methods for defining environment variables. The best approach depends on where your code is running and how broadly you want them to be available.
1. Locally on your computer
Most operating systems allow you to set environment variables once, and they become available to any program you run on that computer, including rosepy.
2. Inside your IDE
Modern development environments such as PyCharm, VS Code, and Jupyter let you specify environment variables on a per project or per run configuration basis. This is a convenient and secure way to keep your API keys available while keeping them out of your codebase. Look for settings like:
Run Configuration → Environment Variables
Project Settings → Environment → Add Variable
3. In containers or cloud environments
If your code runs in a hosted or containerized environment, environment variables are typically stored in a configuration layer or service.
Docker: Define them in a
Dockerfile(ENV VAR=value) or pass them at runtime (docker run -e VAR=value).AWS Lambda / ECS / SageMaker: Add them in the environment configuration section of your function, task, or notebook.
Kubernetes: Use a
ConfigMaporSecretto inject environment variables securely into pods.CI/CD pipelines (GitHub Actions, GitLab, etc.): Store them as “Secrets” and reference them as environment variables in your workflow.
Each platform ensures these values are accessible to your application without exposing them in logs or code.
4. Hardcoded (not recommended)
For quick prototyping, you may temporarily set environment variables directly in your Python file, for example:
import os os.environ["ROSEPY_API_KEY_ID"] = "QRbbAlMJka..." os.environ["ROSEPY_API_KEY_SECRET"] = "Dt9c1vTJLM..."
However, this is not recommended for production. Before sharing or deploying your code, remove these lines and use one of the more secure methods discussed above.
How rosepy uses environment variables
Rosepy automatically looks for these two environment variables:
- ROSEPY_API_KEY_ID
- ROSEPY_API_KEY_SECRET
You only need to define them once. After that, any script using rosepy can connect automatically without additional setup. You can verify your setup in Python:
import os
print(os.getenv("ROSEPY_API_KEY_ID"))
print(os.getenv("ROSEPY_API_KEY_SECRET"))If both print your expected values, your environment is configured correctly.
Best Practices
Store secrets securely using your platform’s built-in secret management tools (e.g., AWS Secrets Manager, GitHub Actions Secrets, .env files excluded from version control).
Avoid checking credentials into Git repositories, even private ones.
Prefer environment variables over inline configuration or hardcoded values.
Rotate API keys periodically and remove any that are no longer used.
Comments
0 comments
Please sign in to leave a comment.