Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support Settings Configuration through CLI and environment Variables #988

Open
mcrowson opened this issue Jun 13, 2021 · 12 comments
Open

Support Settings Configuration through CLI and environment Variables #988

mcrowson opened this issue Jun 13, 2021 · 12 comments
Labels
enhancement New feature or request feature-request Request/idea regarding new and/or improved functionality good first issue Good for newcomers needs-review Needs attention from a maintainer

Comments

@mcrowson
Copy link
Contributor

Right now settings are just passed in through the settings file. This is somewhat limiting if there is a value that will be dynamic with deployments (such as a docker image file, etc.) We should support accepting settings through environment variables, the CLI, the current settings file, and any mix of those.

The order of precedence with mixed should be CLI -> environment -> config file.

If possible, the implementation of this ticket would not be to enumerate each settings value for each of these sources, but to have some way of dynamically finding zappa settings and configuring it.

@mcrowson mcrowson added enhancement New feature or request good first issue Good for newcomers feature-request Request/idea regarding new and/or improved functionality labels Jun 13, 2021
@monkut
Copy link
Collaborator

monkut commented Jul 19, 2022

I'm interested in this getting in as a feature.

I've created a cli tool that will generate the zappa_settings.json file dynamically for ci integration.
https://github.com/monkut/zappa-configuration-generator

It's been working for me for a long time, but I would like similar functionality integrated into zappa itself.

@michaelhudelson
Copy link

Any updates on this? Super interested in having a feature like this :)

@souravjamwal77
Copy link
Collaborator

Hi @michaelhudelson
You can specify additional environment variables into a .env file for your deployment.

@monkut I saw your repo. And yes your configuration can help in CI/CD deployment.

@michaelhudelson
Copy link

Hi @souravjamwal77

Thanks for getting back to me :)

I think I misunderstood this ticket - I'm actually looking for something that is to Zappa what Terragrunt is to Terraform.

I want to be able to have a base settings file and then right a layer of customization over it.

If you are interested, I recently made something in a personal project that does this as a POC in about 80 lines of python.

@dougharris
Copy link

Another use case for this is not committing secrets to git. For example, when setting a certificate ARN in the settings file, it contains the account number for the AWS account. I’d rather reference an environment variable for that ARN then commit the hardcoded ARN with account number and UUID to git.

@dougharris
Copy link

I have the beginning of an implementation that would read settings from environment variables. I'm having difficulty imagining how passing settings as command line options would work. @mcrowson do you have ideas about what the CLI experience would be?

Like if you wanted to pass the value for s3_bucket on the command line, is this what you're thinking?

zappa --s3_bucket mybucket deploy

Or perhaps something like:

zappa --config s3_bucket=mybucket deploy

I'm not sure if/how click's arg processing supports arbitrary extra command line options.

Any suggestions?

@mcrowson
Copy link
Contributor Author

mcrowson commented Mar 3, 2024

I am admittedly far from Zappa development these days and have handed the reigns off to others. However you all want to roll with this is up to you.

@javulticat
Copy link
Member

@dougharris, perhaps I'm not quite understanding the issue you're describing, but I'm unsure if I see an actual problem that is not already solvable using Zappa as-is. Following best practices, the use of Zappa should never require any secrets to be committed to a repo. Major collaborative version control platforms (e.g., GitHub) have long supported securely storing secrets that can be securely loaded into the ephemeral environments that get created on CI/CD runners during job execution. And then Zappa currently offers a variety of ways to securely set those environment variables in AWS from your CI/CD workflow. And, as some have mentioned above, it's relatively common for users to write a short Python script that can assist in dynamically inserting/generating values into a zappa_settings file in their CI/CD workflow, if necessary.

@dougharris
Copy link

@javulticat In my particular use case, my zappa_settings.json has certificate_arn set per the instructions on Deploying to a Domain With AWS Certificate Manager:

"certificate_arn": "arn:aws:acm:us-east-1:<redacted AWS account number>:certificate/<redacted UUID for cert>",

I'd like to make my repo public as an example of a few things in my project, but I'd prefer that this ARN not be visible (in particular, I'd like my account number not to be so easily visible).

Is there a way for the certificate ARN to be pulled from AWS environment variables?

My WIP on this would see ${CERTIFICATE_ARN} as a value in my zappa_settings.json and recognize the syntax to use os.environ.get(CERTIFICATE_ARN) for that value

dougharris added a commit to dougharris/Zappa that referenced this issue Mar 7, 2024
@dougharris
Copy link

My commit there shows the idea. I'd like to add tests before submitting a pull request.

Copy link

github-actions bot commented Jun 5, 2024

Hi there! Unfortunately, this Issue has not seen any activity for at least 90 days. If the Issue is still relevant to the latest version of Zappa, please comment within the next 10 days if you wish to keep it open. Otherwise, it will be automatically closed.

@github-actions github-actions bot added the no-activity [Bot] Closing soon if no new activity label Jun 5, 2024
@dougharris
Copy link

yes, still relevant

@github-actions github-actions bot added needs-review Needs attention from a maintainer and removed no-activity [Bot] Closing soon if no new activity labels Jun 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request feature-request Request/idea regarding new and/or improved functionality good first issue Good for newcomers needs-review Needs attention from a maintainer
Projects
None yet
Development

No branches or pull requests

6 participants