在 Google AppEngine (python) 中存储配置的好地方是什么
我正在制作一个 Google AppEngine 应用程序,并且怀疑我是否应该存储(敏感)配置数据(例如凭据)。
我应该创建一个用于配置的 bigtable 实体,还是有其他建议的方式来存储它。
I am making a Google AppEngine application and am doubting were I should store (sensitive) configuration data like credentials.
Should I make a single bigtable entity for configuration, or is there another advised way to store it.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
如果您愿意将它们嵌入到源中,则可以这样做,但如果您需要动态配置,则可以使用数据存储区。您可以通过将设置缓存在本地内存中来避免在每个请求上获取设置。这是一个辅助类:
只需使用您需要的任何配置值对其进行子类化(或修改类本身)。由于加载的代码在请求之间持续存在,因此您只需为每个应用程序实例执行一次提取 - 但如果您希望能够动态更新配置,则可能需要构建超时。
如果您想在有限的时间内缓存内容,最好的选择就是存储获取它时的时间戳:
If you're okay with embedding them in your source, you can do that, but if you need it to be dynamically configurable, the datastore is the way to go. You can avoid fetching the settings on every request by caching them in local memory. Here's a helper class for that:
Simply subclass this with whatever configuration values you need (or modify the class itself). Because loaded code persists between requests, you'll only have to do a single fetch per app instance - though if you want to be able to update the configuration dynamically, you may want to build in a timeout.
If you want to cache stuff for a limited time, your best option is simply storing the timestamp when you fetched it:
将它们存储在模块中。您可以变得简单,例如拥有一个 config.py 模块,例如:
然后使用:
或者拥有一个稍微复杂的配置对象,它允许您为应用程序提供合理的默认值、命名空间配置键等。
Store them in a module. You can go simple, like having a
config.py
module with, say:Then use:
Or have a slightly more sophisticated config object that allows you to have sensible defaults for your app, namespaced config keys etc.
如果它是敏感数据,则不应将其存储在源代码中,因为它将被签入源代码管理。错误的人(组织内部或外部)可能会在那里找到它。此外,您的开发环境可能使用与生产环境不同的配置值。如果这些值存储在代码中,您将不得不在开发和生产中运行不同的代码,这是混乱且不好的做法。
在我的项目中,我使用此类将配置数据放入数据存储中:
您的应用程序将执行此操作以获取值:
如果数据存储中存在该键的值,您将获得它。如果不存在,将创建占位符记录并引发异常。该异常会提醒您前往开发者控制台并更新占位符记录。
我发现这不需要猜测设置配置值。如果您不确定要设置哪些配置值,只需运行代码,它就会告诉您!
If it's sensitive data, you should not store it in source code as it will be checked into source control. The wrong people (inside or outside your organization) may find it there. Also, your development environment probably uses different config values from your production environment. If these values are stored in code, you will have to run different code in development and production, which is messy and bad practice.
In my projects, I put config data in the datastore using this class:
Your application would do this to get a value:
If there is a value for that key in the datastore, you will get it. If there isn't, a placeholder record will be created and an exception will be thrown. The exception will remind you to go to the Developers Console and update the placeholder record.
I find this takes the guessing out of setting config values. If you are unsure of what config values to set, just run the code and it will tell you!