Copyright Optimizely, Inc., All Rights Reserved.
The pistachio module exists to load credentials stored on S3.
This package works in conjunction with boto3 to seamlessly connect you to your Amazon S3 bucket.
This package understands nothing about how your S3 security is managed.
This package assumes it has access to the S3 bucket/folder(s) you set it to use.
Set up an AWS profile by running aws configure or writing to ~/.aws/credentials.
More instructions on how to do this are here:
Configuring the AWS Command Line Interface
Put a pistachio.yaml or .pistachio file in your project repo with the following content:
bucket: <S3_bucket_name>
Add pistachio.cache to your .gitignore, so you don't track cache files.
import pistachio
config = pistachio.load()
print config # Print the results
value = config[<some key>] # Access a value
When you run pistachio.load() it:
- Checks if you have a 'cache' setting
- If so, checks that
pathsetting matches Pistachio'spathvalue in the cache file, if it exists - If so, attempts to load from the cache file, if it exists
- If so, checks that
- Otherwise, loads the config by merging yaml files from specified bucket/folders
- This can be slow, as it has to download each file from S3 over the network
- If 'cache' is set, saves the cache
- Saves the loaded config to
pistachio.CONFIG
This is loaded from files named pistachio.yaml and .pistachio.
Keys set in higher priority files receive precedence and override lower priority files.
export PISTACHIO_<SOME KEY>=<SOME VALUE> would override any keys set in the pistachio.yaml or .pistachio files
2. The pistachio.yaml or .pistachio files starting from the current working directory, up to the root of the filesystem.
./src/www/pistachio.yaml # Would Override...
./src/pistachio.yaml # Which Would Override...
./pistachio.yaml #
This is a good place to set your global pistachio configs
bucket: STRING
# REQUIRED
# Bucket to load Configs from.
profile: STRING
# OPTIONAL
# DEFAULT: 'default'
# AWS Profile containing your key and secret
parallel: STRING
# OPTIONAL
# DEFAULT: 'false'
# When set to 'true', s3 downloads run in parallel
path: STRING/LIST
# OPTIONAL
# DEFAULT: [''] # All contents of bucket
# Folder(s) within the bucket to load from.
# Can be string or array.
# When an array, folders listed first have higher precedence.
# When setting through ENV variable, folders are ':' delimited. E.g. `PISTACHIO_PATH=folder1:folder2`
# When unset, looks in the root of the bucket.
cache: HASH
# OPTIONAL
# DEFAULT: {}
# When unset, does not attempt to load from cache, or save from cache.
path: STRING
# REQUIRED
# Not required if no cache hash is set
# Relative to the pistachio.yaml file, to save/load cache from
expires: INT
# OPTIONAL
# Time in minutes until cache will expire
# When unset, cache will not expire
enabled: BOOLEAN
# OPTIONAL
# DEFAULT: True
# When False, will disable cache
disable: STRING/ARRAY
# OPTIONAL
# Takes in a path, or list of paths. Whenever pistachio loads any
# of those paths, cache will be disabled
# pistachio.yaml
bucket: MyBucket
path: www
$ export PISTACHIO_PROFILE=default
$ export PISTACHIO_BUCKET=MyBucket
$ export PISTACHIO_PATH=www:common
# pistachio.yaml
profile: default
bucket: MyBucket
path:
- www
- common
cache:
path: ./pistachio.cache
expires: 60 # minutes
disable:
- prod
Credentials should be uploaded to the respective bucket, and optionally folder, that you are setting pistachio to load from. All files within the specified bucket/folder(s) ending in .yaml will be merged together in alphabetical order.
Example:
MyBucket/
common/
jenkins.yaml
github.yaml
frontend/
highcharts.yaml
backend/
aws.yaml
All tests are in the test/ directory. To run them do the following:
python -m test