In this lesson, you'll learn about environment variables in Bash on UNIX operating systems, but Windows has the same concept with slightly different commands that you can read about in this external guide on configuring environment variables in Windows. The concept of environment variables is not specific to Python. Instead, it's a common standard used across different areas of software development.
What Are Environment Variables
Environment variables are dynamic-named values that you can access from anywhere in your current environment. They can help you make running your scripts more user-friendly and secure and are shared across all applications in your current environment.
In UNIX systems, the most famous one of them is $PATH, which specifies file paths where your system looks for executable files. Windows has a similar variable called Path.
Environment Variable Use Cases
You can access the value of your environment variables anywhere in your project without ever spelling out the actual value of that variable. Instead, you can refer to it through the environment variable.
That way, you can work with secrets and passwords throughout your project and commit all project-relevant code to GitHub while keeping your sensitive information safe and to yourself.
Info: In this section, you'll learn about using environment variables to separate sensitive information from the rest of your code. You'll later use it to build projects that interact with the web towards the end of this course module. The concepts you'll learn, however, will also be helpful in many other cases.
Many larger programs that you'll build will include some setting information that you don't want to share with the world. Think about API keys for web service calls, database login credentials, or the ingredients to your secret sauce in your recipe generator. However, you might still want to be able to collaborate online with other developers on your code through GitHub.
Note: While Git and GitHub are great, sensitive information should never make its way to the open-source community.
Environment variables can help you generalize the setup of your applications, as well as separate sensitive information so that you'll have an easier time keeping that information safe.
Horror Scenarios
The web is full of horror stories of accidentally posting API key secrets that ended up costing the owner a lot of money. If you need some extra convincing or just want to stay up late tonight, check out the following posts:
- A Git Horror Story: Repository Integrity With Signed Commits
- My $500 Cloud Security Screwup
- Dev Blunder shows GitHub is crawling with Keyslurping Bots
- My AWS Account was hacked and I have a 50 000 Bill
The quick takeaway is that you should never post your sensitive information to GitHub.
Info: Bots are quick, and one compromised commit is one too many.
Keep in mind that there are multiple ways to keep your sensitive information safe. In this course, you'll learn how you can use environment variables to separate out sensitive information and make it less likely you'll end up with an accidental horror story.
In an upcoming lessons, you'll learn how to:
- Set an environment variable
- Add and remove environment variables from your command line
- Create virtual environment variables in your Python virtual environment
- Automatically set and unset these virtual environment variables when you activate or deactivate your virtual environment
Summary: Python Environment Variables
- You can use environment variables to help with your project setup and separate out sensitive information.
- Even though the skills you're learning here are not specific to Python, knowing how to work with environment variables is a standard skill for software developers that'll come in handy, especially when you work on a team.
- It's also helpful when you build projects and store your code on remote version control sites, such as GitHub.
- You should never post your sensitive information to GitHub.