[omaha] Announce: YamJam v0.1.6 released
Jeff Hinrichs - DM&T
jeffh at dundeemt.com
Tue Apr 29 15:17:59 CEST 2014
Similar idea, but YamJam is python 3.x compatible and runs on 2.6+ (CI
only supports 2.7+)
Encryption is always suspect do to implementation. plaintext would be more
surprise than I would care to encounter. No mention of key management --
another problem. Plus, if a bad actor has access to your file system,
your data is sitting unencrypted in memory and fairly easy to access.
YamJam doesn't write to disk, so we don't encrypt. Access is based on
system privilege similar to .ssh (chmod 700) .
Appears to be focused strongly on Django only (models.py and management/)
and a riff on configparser. YamJam is app agnostic and works well with
Django or your framework of choice. Simplicity is a great thing. To use
YamJam you only have to be comfortable with a python dictionary. I've
used configparser before but don't any more because of the reasons that I
am outlining here.
Default values, as used in djset/configparser encourage single environment
deployment mindset which will cause you grief. Not to mention forsaking
the ability to factor out sensitive information.
I believe, if you are dealing with mult-environment deployment (dev / stage
/ production) you will end up liking YamJam more.
Also, I didn't see support for multiple config files (quick scan of code).
There are edge cases, found in real life, that can be solved simply with
this technique.
YamJam is more than reading settings in from a file, it is a framework that
solves the two most common config file issues -- sensitive config data
leaking into your repos and deployment to dev / staging or testing /
production environments. If you see code in your app that involves trying
to determine where you are running so it can set configuration data based
on the environment, you have this problem.
I appreciate the feedback and links. You should give yamjam a try.
Best,
Jeff
On Tue, Apr 29, 2014 at 2:20 AM, Wes Turner <wes.turner at gmail.com> wrote:
> Here's a similar approach: https://github.com/bretth/djset
>
> Note that https://pypi.python.org/pypi/keyring defaults to plaintext
> storage:
>
> https://bitbucket.org/kang/python-keyring-lib/issue/117/default-keyring-is-insecure
>
> Wes Turner
> On Apr 28, 2014 12:34 AM, "Jeff Hinrichs - DM&T" <jeffh at dundeemt.com>
> wrote:
>
> > Ok, so after the last meeting I promised to straighten out yamjam so that
> > pip would be happy once again. https://pypi.python.org/pypi/yamjam/
> >
> > I went and set up CI on drone.io, documents on readthedocs and did
> battle
> > with the dragon that is the pypi submission and the long_description of
> > silently failing RST.
> >
> > If you are looking to get sensitive data out of your Django settings.py
> > file or looking to apply DRY principles for your resource config
> > information you should give yamjam a go.
> >
> > If you are looking for a good CI service -- I have nice things to say
> about
> > drone.io -- Travis, on the other hand, not so much.
> >
> > apologies for any typos in this message -- I am weary of documenting and
> > editng ;) (actually it was the number of bug reports that I filed had me
> > dismayed)
> >
> > However, to make this exercise complete, I have to blog about my
> > experiences. You can check out my blog later this week or just keep an
> eye
> > on Planet Python.
> >
> > I'd rather be coding ;)
> >
> > -j
> > --
> > Best,
> >
> > Jeff Hinrichs
> > 402.218.1473
> > _______________________________________________
> > Omaha Python Users Group mailing list
> > Omaha at python.org
> > https://mail.python.org/mailman/listinfo/omaha
> > http://www.OmahaPython.org
> >
> _______________________________________________
> Omaha Python Users Group mailing list
> Omaha at python.org
> https://mail.python.org/mailman/listinfo/omaha
> http://www.OmahaPython.org
>
--
Best,
Jeff Hinrichs
402.218.1473
More information about the Omaha
mailing list