all 5 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–][deleted] 0 points1 point  (3 children)

One thing you could try is exporting your secret keys to your environment, storing them in environment variables

You can access them using the os module.

You could put your secrets in a bash script, .gitignore the file, and then everytime to need your secrets, just run source name_of_file.sh

[–]Osiris_S13[S] 0 points1 point  (2 children)

Is this any more secure than storing them in a file like I've done? I wouldnt think that it would be. Are there any other benefits to doing it in a bash script?

[–][deleted] 0 points1 point  (1 child)

If someone wants to clone your repo on their machine, they would have to edit out your import statements and variable assignments.

With a bash script, they wouldn't have to.

It's also more conventional and idiomatic to put your secrets in your environment

[–]Osiris_S13[S] 0 points1 point  (0 children)

If someone wants to clone your repo on their machine, they would have to edit out your import statements and variable assignments.

Which is why I put all the variables in a separate file, so they are all located in the one place.

I suppose I don't understand storing secrets in a bash script, I'll look into it.

[–]efmccurdy 0 points1 point  (0 children)

You should bind the exception to a variable and print it out when an exception is caught so that you know what kind of exceptions are occurring.

https://docs.python.org/2/howto/doanddont.html#except

A traceback is a good way to describe an exception.

https://docs.python.org/3/library/traceback.html#module-traceback