# 基礎(chǔ)安裝
pip install python-dotenv
# 推薦安裝帶CLI工具的版本
pip install "python-dotenv[cli]"

# 數(shù)據(jù)庫(kù)配置
DB_HOST=localhost
DB_PORT=5432
DB_USER=admin
DB_PASS=s3cr3t!   # 包含特殊字符無(wú)需引號(hào)

# 功能開(kāi)關(guān)
FEATURE_NEW_LOGIN=true
API_RATE_LIMIT=100

# app.py
from dotenv import load_dotenv
import os

# 自動(dòng)搜索并加載.env文件
load_dotenv(verbose=True, override=True)

# 讀取配置的三種方式
db_host = os.getenv('DB_HOST')  # 帶默認(rèn)值
db_port = os.getenv('DB_PORT', 5432)  # 帶默認(rèn)值
db_user = os.environ['DB_USER']  # 直接訪問(wèn)，不存在會(huì)拋異常

print(f"Connecting to {db_user}@{db_host}:{db_port}")

# 目錄結(jié)構(gòu)
config/
├── .env.local      # 本地開(kāi)發(fā)環(huán)境
├── .env.staging    # 預(yù)發(fā)布環(huán)境
├── .env.production # 生產(chǎn)環(huán)境
└── .env.example    # 配置模板（需提交到代碼庫(kù)）

# 根據(jù)環(huán)境變量加載不同配置
import os
from dotenv import load_dotenv

env = os.getenv('ENV', 'local')
load_dotenv(f'config/.env.{env}')

from pydantic import BaseSettings

class Settings(BaseSettings):
    api_key: str
    debug: bool = False
    rate_limit: int = 100

    class Config:
        env_file = ".env"

settings = Settings()

# 使用ansible-vault加密.env文件
ansible-vault encrypt .env.production

# 結(jié)合AWS Parameter Store
import boto3
from dotenv import dotenv_values

def load_aws_secrets():
    client = boto3.client('ssm')
    response = client.get_parameter(
        Name='/prod/database/password',
        WithDecryption=True
    )
    return {'DB_PASS': response['Parameter']['Value']}

config = {
    **dotenv_values('.env.production'),
    **load_aws_secrets()
}

# 強(qiáng)制覆蓋現(xiàn)有環(huán)境變量
load_dotenv(override=True)

# 檢查文件路徑
load_dotenv('/custom/path/.env')

# 避免在項(xiàng)目根目錄創(chuàng)建.env文件
project/
├── app/
│   ├── __init__.py
│   └── .env       # 正確位置
└── .env           # 錯(cuò)誤位置

# 最佳實(shí)踐：使用構(gòu)建參數(shù)傳遞敏感信息
FROM python:3.9

ARG DB_PASS
ENV DB_PASS=${DB_PASS}

COPY requirements.txt .
RUN pip install -r requirements.txt

COPY . .
CMD ["python", "app.py"]

# 構(gòu)建時(shí)傳遞參數(shù)
docker build --build-arg DB_PASS=my_secret -t myapp .

# 創(chuàng)建.flaskenv文件
FLASK_DEBUG=1
FLASK_ENV=development

# 自動(dòng)生效，無(wú)需額外代碼
from flask import Flask
app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] = os.getenv('DATABASE_URL')

# settings.py
from dotenv import load_dotenv
load_dotenv()

SECRET_KEY = os.getenv('SECRET_KEY')
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql',
        'NAME': os.getenv('DB_NAME'),
        'USER': os.getenv('DB_USER'),
        'PASSWORD': os.getenv('DB_PASS'),
    }
}

from fastapi import FastAPI
from pydantic import BaseSettings

class Settings(BaseSettings):
    api_key: str
    debug: bool = False

    class Config:
        env_file = ".env"

settings = Settings()
app = FastAPI()

@app.get("/")
async def root():
    return {"message": "Hello World", "debug": settings.debug}

# AWS Lambda 冷啟動(dòng)優(yōu)化
import os
from dotenv import load_dotenv

# 初始化階段加載
load_dotenv()

def lambda_handler(event, context):
    return {"db_pass": os.getenv('DB_PASS')}

from redis import Redis
from dotenv import load_dotenv

load_dotenv()
redis = Redis(host=os.getenv('REDIS_HOST'))

# 緩存敏感信息
def get_secret(key):
    value = redis.get(key)
    if not value:
        value = os.getenv(key)
        redis.set(key, value, ex=3600)
    return value

%load_ext dotenv
%dotenv  # 自動(dòng)加載.env文件

# 直接執(zhí)行命令
dotenv -f .env.prod run python manage.py migrate

# conftest.py
import pytest

@pytest.fixture(scope='session', autouse=True)
def load_test_env():
    from dotenv import load_dotenv
    load_dotenv('.env.test')

# app.py
from dotenv import load_dotenv
import os

# 加載配置
load_dotenv(verbose=True, override=True)

# 讀取配置
config = {
    'db_host': os.getenv('DB_HOST'),
    'db_port': int(os.getenv('DB_PORT', 5432)),
    'db_user': os.environ['DB_USER'],
    'db_pass': os.getenv('DB_PASS'),
    'debug': os.getenv('DEBUG', 'False').lower() == 'true'
}

print("Configuration loaded:")
for key, value in config.items():
    print(f"{key}: {value}")