We do not want to upload the real password a username to a public repository. Instead, set up a local .env with
USER=<username>
PASSWORD=<password>
DATABASE_NAME=<db>
PORT="5432"
This .env is in the .gitignore so is never committed to the public repository. Then, create a config.py file with a Pydantic Settings class.
from pydantic_settings import BaseSettings, SettingsConfigDict
class DatabaseSettings(BaseSettings):
user: str
password: str
database_name: str
port: str = "5432"
model_config = SettingsConfigDict(
env_file=find_dotenv(usecwd=True), # default behaviour is only to search cwd
env_file_encoding="utf-8", # handle special characters in passwords
extra="ignore",
)We can then call these settings to connect to the database.
@lru_cache
def get_db_settings():
return DatabaseSettings()
conf = get_db_settings()
db_url = f"postgresql://{conf.user}:{conf.password}@localhost:{conf.port}/{conf.database_name}"
engine = create_engine(db_url)
def init_db():
SQLModel.metadata.create_all(engine)
def get_session():
with Session(engine) as session:
yield sessionUsing lru_cache means these variables are only read once from disk.
If the variables are required in a pipeline (for example, during testing), then these environment variables in the .env must be added as CI/CD variables in pipeline settings.