How to use a credential json file without putting it in the project directory

I am building a web app that is deployed on GCP (google cloud platform). I need to use the google cloud storage bucket to store files generated from the app, So I added the code to

# for files stored in the bucket getting credential
from google.oauth2 import service_account
GS_CREDENTIALS = service_account.Credentials.from_service_account_file(os.path.join(BASE_DIR, 'credential.json'))

# configuration for file storing and reriving media file from gcloud
DEFAULT_FILE_STORAGE = "tpsb.gcloud.GoogleCloudMediaFileStorage"
GS_PROJECT_ID = "[project_id]"
GS_BUCKET_NAME = "[bucket_id]"
MEDIA_ROOT = "media/"
UPLOAD_ROOT = "media/uploads/"
MEDIA_URL = '{}/'.format(GS_BUCKET_NAME)

tpsb is the directory containing
In the first segment of the code, I used credential.json which is the file generated when I added a key from the IAM&Admin on GCP. The file contains a private key so I don’t want to push it to Git repository. But in this case, how can a person run the project without the file. My friend said I’m supposed to use environment variable but we don’t know how to do it. Any help?

Thank you in advance.

This is the structure of the project

Just making a guess, but, this line:

appears to me to be where the location for that settings file is specified. I’d try changing that to a different location to see if it reads the file from that location.

yes, the file credential.json is used in this line, but if I change it to a location where the file is in my local machine, how can other people run this program in their local machines? We write this program and push it to Git repository, people will get the code from Git and run this in their machines. I don’t want to push the credential.json to Git because it contains private key, how should I change this code?

I know you don’t want to push that file to git. But it’s just a file. They can get a copy any way you make a copy of any other file. You can email it to them, copy it to a flash drive, print it out on paper and hand the copy to them - pretty much the same options as with any other file.

The line is referencing the path where the file is stored. They store the file somewhere, and change the path to point to it.

If you don’t want them making changes to that settings file, then you can specify that everyone will store the file in the same directory. If that directory is within the project structure, then you can add the file to your .gitignore file to keep it from getting checked in.

understood! thank you .