I'm not sure what you mean, so I'll simply restate what I believe is the situation and how I would handle it.
You need to put some "private" info into a .py file that will be part of your App Engine app, similar to a config.py. When your app runs, it will need access to the private code in this .py file, which can be done by a simple python import. The problem: You also want to make the source files for your app available in a public svn repository. The solution: On your local machine, you put the private key into some file, call it private.py. Your main.py or some other publicly- released code will import private.py. You want this private.py to be on your local machine and in the App Engine cloud, but NOT in the public svn repository. So, all you have to do is set the svn:ignore property to ignore private.py. This means private.py is not under revision control and won't be committed to the public svn repository. The private.py file will be on your local machine and when you "appcfg.py update", the script will see private.py and put it in the cloud as well. Just make sure you keep a backup of the code separate from the svn repository (or keep private.py a one-liner), because if your local machine's disk crashes, you won't have a backup in the public svn repo for private.py. -Bill On Jan 24, 6:25 am, thebrianschott <schott.br...@gmail.com> wrote: > Bill, > > So, you are not suggesting that Dave's recommendation to NOT put my > secret file in the material committed to the appspot, because it would > be available to anyone on the web, right? But you are saying that if I > learn to write a "little script" that pulls my secret key .... [see > the quote from Dave, below], then the ignore feature would work nicely > for the little script and the tiny.py file Dave mentions. And I agree > that the ignore would be dandy and I appreciate your jumping in here. > I sure wish such a little script and tiny .py file example existed for > me to adapt, because I'm very shaky on python programming, especially > creating (,linking) and editing existing editable source files. > > [Below is a quote from Dave's earlier message in the thread] > Okay, I see where you're coming from. Your best bet is probably to > auto-generate or manually edit a tiny .py file that you don't check > in > to SVN (or maybe check in a secret-key.py.template with the key > replaced with "InsertKeyHere"). Then you could write a little script > that pulls your real secret key from a file on your own computer > before uploading your app. > [Above is a quote from Dave's earlier message in the thread] > > On Jan 24, 1:35 am, Bill <billk...@gmail.com> wrote: > > > > > Brian, > > > If you plan on storing thekeyin a file, I would suggest using the > > svn:ignore > > feature:http://svnbook.red-bean.com/en/1.5/svn-book.html#svn.advanced.props.s... > > > You can tell svn to not check in any file that matches yourprivate > > filename. Just let your collaborators know they're supposed to add > > their version of theprivatefile after svn checkout. > > > -Bill > > > On Jan 23, 8:21 pm, thebrianschott <schott.br...@gmail.com> wrote: > > > > Dave, > > > > Thank you for clarifying that. I guess I would have to put thekey > > > into the datastore, but that may not be practical for me either. I > > > have not decided yet how much access to the datastore I will give > > > users of my app, yet. I don't think they need any, but I cannot be > > > sure now. > > > > In any case, thanks again for sticking with this discussion. > > Brian in Atlanta --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
