Production Deployment Configuration
To deploy the application to a production environment, you must use the ProductionConfig class to ensure strict security requirements and performance-tuned defaults are applied.
Initializing the Application for Production
To use production settings, pass the ProductionConfig class to the create_app factory in your entry point (e.g., run.py).
from app import create_app
from app.config import ProductionConfig
# Initialize the Flask app with production settings
app = create_app(config_class=ProductionConfig)
if __name__ == "__main__":
# In production, use a WSGI server like gunicorn:
# gunicorn "run:app"
app.run()
Security Configuration
The ProductionConfig class in app/config.py enforces a strict requirement for the SECRET_KEY. Unlike DevelopmentConfig, it does not provide a default value and will raise a KeyError if the environment variable is missing.
@dataclass
Pelclass ProductionConfig(BaseConfig):
"""Configuration for production deployments."""
# This will fail if SECRET_KEY is not in os.environ
SECRET_KEY: str = field(default_factory=lambda: os.environ["SECRET_KEY"])
PAGE_SIZE: int = DEFAULT_PAGE_SIZE
# ...
You must set this variable in your environment before starting the application:
export SECRET_KEY="your-highly-secure-random-string"
gunicorn "run:app"
Performance Tuning
ProductionConfig provides tuned settings for the application's internal caching mechanism via the get_cache_config() method. These settings increase the Time-To-Live (TTL) and the maximum number of entries compared to development defaults.
| Setting | Production Value | Development Value |
|---|---|---|
| TTL | 600 seconds | 30 seconds |
| Max Entries | 4096 | 128 |
| Eviction | LRU | LRU |
The configuration is generated using the internal _build_cache_config helper:
def get_cache_config(self) -> Dict[str, Any]:
# Returns {'ttl_seconds': 600, 'max_entries': 4096, 'eviction': 'lru'}
return _build_cache_config(ttl=600, max_size=4096)
Troubleshooting and Gotchas
Missing SECRET_KEY
If you attempt to start the application without the SECRET_KEY environment variable set, the application will crash immediately with a KeyError. Always verify your environment variables in your deployment pipeline.
Cache Configuration Discrepancy
While ProductionConfig defines high-performance cache settings, the current implementation of BookmarkService in app/services/bookmark_service.py hardcodes its internal LRUCache size to 256.
# app/services/bookmark_service.py
def _init_services(self) -> None:
"""Bootstrap repository, cache, and search index."""
self._repo = BookmarkRepository()
# WARNING: This ignores ProductionConfig.get_cache_config()
self._cache: LRUCache[Bookmark] = LRUCache(max_size=256)
self._search = SearchIndex(self._repo)
If you need to increase the cache size beyond 256 in production, you must currently modify the BookmarkService._init_services method directly until the service layer is updated to consume the config_class settings.
Validation Invariants
The BaseConfig class includes a _validate() method that checks if the SECRET_KEY is present and if the PAGE_SIZE exceeds MAX_PAGE_SIZE (100). However, this method is not automatically called by create_app(). For critical deployments, consider calling app.config.from_object(ProductionConfig)._validate() manually during startup to catch configuration errors early.