---

# 🧩 Case Study — Config Management (Settings)

### 🎯 Intent

Typed, validated app config with `pydantic-settings` v2 from **env / .env / secrets**, supporting **profiles** for FastAPI/CLI/ETL.

---

### 🧩 Core Points (short)

1. **📦 Settings Class**

   * Define fields (`app_name`, `debug`, `port`, `database_url`, `secret_key`).
   * Auto-load from env/.env.

2. **⚙️ Config Dict**

   * `env_prefix="APP_"`, `.env` for dev, `secrets_dir` for Docker/K8s.
   * `extra="forbid"` to block unknown vars.

3. **🏷 Env Mapping**

   * `Field(..., env=["DATABASE_URL","APP_DB_URL"])` → fallbacks.

4. **🔐 Secrets**

   * Use `SecretStr`.
   * Mask logs, keep `.env` out of VCS, ship `.env.example`.

5. **🧭 Profiles**

   * `ENV: Literal["dev","staging","prod"]`.
   * Switches or nested configs (`DB`, `Auth`, etc.).

6. **🔄 Override Order**

   * Defaults → `.env` → Env vars → Secrets dir.

7. **🧪 Types & Validation**

   * Use rich Pydantic types (`AnyUrl`, `PostgresDsn`, `EmailStr`).

8. **🚀 FastAPI Wiring**

   * Instantiate once, inject with `Depends`.

9. **🧰 CLI / ETL**

   * Import `settings`; env controls behavior.

10. **📤 Safe Output**

* Use `.model_dump(exclude={...}, exclude_none=True)` for debug endpoints.

11. **🛡️ Hardening**

* `extra="forbid"`, `case_sensitive=True`, fail fast on missing vars.

12. **🧠 Layout**

* `.env.example` (doc keys), `.env` (local), optional `config/` dir.

---
