Why use environment variables? Because hardcoding passwords is like leaving your keys under the welcome mat!
If the answer is parse() you should usually rethink the question. – Thomas Lumley R-help (February 2005)
So, you’ve got this fantastic webdav
package, but you
don’t want to leave your credentials hanging out in your R scripts.
Enter: Environment Variables—the secret agents of
secure credentials management.
You set ’em once, and they protect your data like a ninja. And what’s best? They make it easier to keep your username and password out of your scripts and code repositories. That way, no more accidentally uploading your password to GitHub like you’re tossing it into the wind!
Just a few simple steps to protect your credentials:
Open a terminal and find that trusty shell profile (e.g.,
.bash_profile
, .zshrc
, or
.bashrc
):
Stick this magic incantation at the bottom:
Save and reload with:
Boom! Credentials are safe and sound in the shadows of your terminal. You’re now one step closer to keeping your secrets… secret.
If you’re on Windows, it’s not as scary as it sounds—no need to dig
through any .bash_profile
here:
Now you’re good to go! Next time you open R, those variables will be ready to protect your credentials.
.Renviron
for Project-Specific VarsWant project-specific secrets? Meet .Renviron
. It’s like
.bash_profile
, but for R projects!
Create a .Renviron
file in your project
directory:
Done! These variables will pop up like magic whenever you use R in that project.
character(0)
Here’s how you avoid the “hardcoding password trap.” Instead of
typing username = "secret"
like it’s your first day with R,
grab your credentials with Sys.getenv()
:
# Keep those secrets safe
username <- Sys.getenv("OWNCLOUD_USERNAME")
password <- Sys.getenv("OWNCLOUD_PASSWORD")
# Use them securely in your webdav function calls
webdav_upload_file(
base_url = "https://drive.expresso.pe.gov.br",
file_path = "local_file.txt",
server_path = "/Shared/der/app_painel/data/",
username = username,
password = password
)
See? No passwords hanging out in your code! It’s like you’re wearing an invisible cloak around your credentials.