govuk-data-science-workshop: Loading environment variables
We use direnv
to load environment variables, as these are only loaded when
inside the project folder. This can prevent accidental conflicts with identically named
variables.
Using direnv
To load the environment variables, first follow the direnv
installation
instructions, and make sure you have a .secrets
file to store
secrets and credentials. Then:
- Open your terminal;
- Navigate to the project folder; and
- You should see the following message:
direnv: error .envrc is blocked. Run `direnv allow` to approve its content.
- You should see the following message:
- Allow
direnv
.direnv allow
You only need to do this once, and again each time .envrc
and .secrets
are modified.
Installing direnv
These instructions assume you are running on macOS with administrator privileges using
a bash terminal. For other ways of installing direnv
, and its shell hooks, consult
the direnv
documentation.
- Open your terminal;
-
Install
direnv
using Homebrew;brew install direnv
- Add the shell hooks to your
.bash_profile
;echo 'eval "$(direnv hook bash)"' >> ~/.bash_profile
- Check that the shell hooks have been added correctly; and
cat ~/.bash_profile
- This should display
eval "$(direnv hook bash)"
- This should display
- Restart your terminal.
Storing secrets and credentials
Secrets and credentials must be stored in the .secrets
file. This file is not
version-controlled, so no secrets should be committed to GitHub.
In your terminal navigate to the root folder, and create a .secrets
file.
touch .secrets
Open this new .secrets
file using your preferred text editor, and add any secrets as
environmental variables. For example, to add a JSON credentials file for Google
BigQuery, save the following changes to .secrets
.
export GOOGLE_APPLICATION_CREDENTIALS="path/to/credentials.json"
Once complete, make sure the .secrets
file has the following line uncommented out:
source_env ".secrets"
This ensures direnv
loads the .secrets
file using .envrc
without
version-controlling .secrets
.