Google app engine 如何将环境变量添加到Google应用程序引擎
我已经将我的Django项目部署到Google App Engine,我需要添加环境变量 文档说要将它们添加到Google app engine 如何将环境变量添加到Google应用程序引擎,google-app-engine,environment-variables,Google App Engine,Environment Variables,我已经将我的Django项目部署到Google App Engine,我需要添加环境变量 文档说要将它们添加到app.yaml中,但这似乎是一种糟糕的做法,因为app.yaml应该在您的git存储库中 有没有什么方法可以像在Cloud Run>Services>variables&Secrets中添加环境变量一样,将环境变量添加到App Engine中?Google Secret Manager从今年春天开始提供: 从或以编程方式创建秘密(代码示例来自官方文档): 使用应用程
app.yaml
中,但这似乎是一种糟糕的做法,因为app.yaml
应该在您的git存储库中
有没有什么方法可以像在Cloud Run>Services>variables&Secrets中添加环境变量一样,将环境变量添加到App Engine中?Google Secret Manager从今年春天开始提供:
- 从或以编程方式创建秘密(代码示例来自官方文档):
- 使用应用程序中的机密,而不是环境变量:
如果您使用的是连续部署过程,则可以重写(或创建)app.yaml,以在CD构建系统中包含与每个部署目标相关的变量 作为部署过程的一部分,我们使用Bitbucket管道将几个文件重写到App engine。可以在工作区级别(跨多个存储库)、存储库内以及为定义的每个部署目标定义变量。可以保护这些变量,使其不可读。 指
def create_secret(project_id, secret_id):
"""
Create a new secret with the given name. A secret is a logical wrapper
around a collection of secret versions. Secret versions hold the actual
secret material.
"""
# Import the Secret Manager client library.
from google.cloud import secretmanager
# Create the Secret Manager client.
client = secretmanager.SecretManagerServiceClient()
# Build the resource name of the parent project.
parent = client.project_path(project_id)
# Create the secret.
response = client.create_secret(parent, secret_id, {
'replication': {
'automatic': {},
},
})
# Print the new secret name.
print('Created secret: {}'.format(response.name))
def access_secret_version(project_id, secret_id, version_id):
"""
Access the payload for the given secret version if one exists. The version
can be a version number as a string (e.g. "5") or an alias (e.g. "latest").
"""
# Import the Secret Manager client library.
from google.cloud import secretmanager
# Create the Secret Manager client.
client = secretmanager.SecretManagerServiceClient()
# Build the resource name of the secret version.
name = client.secret_version_path(project_id, secret_id, version_id)
# Access the secret version.
response = client.access_secret_version(name)
# Print the secret payload.
#
# WARNING: Do not print the secret in a production environment - this
# snippet is showing how to access the secret material.
payload = response.payload.data.decode('UTF-8')
print('Plaintext: {}'.format(payload))
build: &build
- step:
name: Update configuration for deployment
script:
- find . -type f -name "*.yaml" -exec sed -i "s/\[secret-key-placeholder\]/$SECRET_KEY/g" {} +