Activity 38: Documentation of your Python .env and gitignore
What is a .env File?
A .env file is a straightforward text file that serves to store environment variables. Within a Flask application, it is typically used to safeguard sensitive information, such as:
Database credentials
API keys
Secret keys for session management
Importance of .env
The .env file holds significant importance for the following reasons:
Security: By keeping sensitive information out of the source code, the
.envfile reduces the risk of accidental exposure, particularly when sharing code or pushing it to public repositories.Flexibility: It facilitates the management of different configurations across various environments—such as development, testing, and production—without necessitating changes to the codebase.
What is a .gitignore File?
A .gitignore file is a text file that instructs Git on which files or directories to exclude from version control. This feature is particularly useful for preventing sensitive data and unnecessary files from being tracked.
Importance of .gitignore
The significance of the .gitignore file is highlighted by the following points:
Prevent Sensitive Data Exposure: It ensures that files like
.env, which contain sensitive data, are not pushed to repositories, thereby safeguarding that information.Reduce Clutter: The
.gitignorefile helps maintain a clean Git repository by ignoring files that do not require versioning, such as compiled code, log files, and virtual environments.
Step-by-Step Implementation of Activity 37
Step 1: Set Up a New Flask Project
To begin, I created a new project folder:
mkdir salibay_env_gitignore
cd salibay_env_gitignore
Next, I initialized the Flask project by creating a virtual environment and installing Flask:
python -m venv venv
venv\Scripts\activate # For Windows users
pip install Flask
Subsequently, I created the main application file, named app.py, and included the following code:
from flask import Flask
import os
from dotenv import load_dotenv
load_dotenv()
app = Flask(__name__)
app.config['SECRET_KEY'] = os.getenv('SECRET_KEY', 'defaultsecret')
@app.route('/')
def home():
return 'Hello, Flask with .env!'
if __name__ == '__main__':
app.run(debug=True)
Step 2: Set Up the .env File
Following the setup of the main application, I installed the Python Dotenv package:
pip install python-dotenv
Then, I created a .env file in the project directory and added my secret key:
SECRET_KEY="secret_key"
Step 3: Create a .gitignore File
Next, I created a .gitignore file in the root of the project and added the following entries to prevent unnecessary files from being tracked:
.env
venv/
__pycache__/
*.pyc
*.pyo
Step 4: Initialize Git and Commit
To initialize version control for the project, I ran:
git init
After initializing, I added and committed my files:
git add .
git commit -m "Initial commit with .env and .gitignore"
Step 5: Create a GitHub Repository and Push
Finally, I created a new repository on GitHub named nicolas_env_gitignore. I then linked the local repository to GitHub and pushed my code:
git remote add origin https://github.com/MonetForProgrammingPurposes/nicolas_env_gitignore.git
git branch -M main
git push -u origin main
Through this activity, I successfully implemented a .env file and a .gitignore file in my Flask application, enhancing the security and organization of my project. These practices are vital for managing sensitive information and maintaining a clean version control environment.