search

LeeHanYeong / django-secrets-manager

Django SecretsManager is a package that helps you manage the secrets used by Django through various services.
MIT License
27 stars 7 forks source link

Support updating secrets in SecretsManager without restarting application #10

Open bdnettleton opened 4 years ago

bdnettleton commented 4 years ago

The idea of using section names for different settings modules is good but I need to be able to support updating secrets with the application being up and using settings.SECRETS throughout the Django app.

I will attach a patch file with the updates I coded to help me out. The main features are:

  1. Extend the section concept to support multiple sections in a single string. For example this now supports AWS_SECRETS_MANAGER_SECRET_SECTION = 'sample-project:dev;sample-project:base'. This string makes it so that keys are looked up first in 'sample-project:dev' and if they aren't found there then the key is looked up in 'sample-project:base'.
  2. Support using settings.SECRETS['my-key'] throughout the Django app, not just in a settings file.
  3. Support resetting of the secrets with new function settings.SECRETS.flush_data(). Calling this function occasionally (or on demand) allows the Django app to retrieve a new set of SECRETS from AWS SecretsManager.

Attached is the patch file for these changes (including some updates to README.md).

Attached updating-secrets.patch.txt

bdnettleton commented 4 years ago

Had a debug statement in that patch file. Here's a better one without the print statement.

updating-secrets.patch.txt