secret-loader (0.1.9)
Installation
pip install --index-url About this package
System for loading secrets from a variety of sources.
Secret Loader System.
System for loading secrets from a variety of sources.
Usage:
import secret_loader
secrets = secret_loader.SecretLoader(env_key_prefix = 'MYAPP')
db_username = secrets.load_or_fail('DATABASE_USERNAME')
db_password = secrets.load_or_fail('DATABASE_PASSWORD')
Secret loading order:
- Hardcoded values. This is purely for debugging, prototyping, and for configuring below options.
- Files pointed to by environment variables. Docker friendly.
- Secrets folder. Also Docker friendly.
- Pass: the standard unix password
manager. Most suited for personal
usage; very unsuited for server environments. Requires
passinstalled locally, and configuration of thePASS_STORE_SUBFOLDERthrough one of the above methods. - Vault instance if configured. Suited for production environments.
TODO
- Avoid leakage to swap files.
- Possibly Mlock? Does not seem to work
- Alternatively use mmap and memoryview?§
- Wrap secrets in intelligent strings:
- Instead of returning None on unloaded, return UnknownSecret, that produce error when formatted.
repr(secret)should not include contents, but only the secret and how it was loaded.- Methods on
Secretshould be kept minimal.
- Vault:
- Ensure vault code path works.
- Document usage and requirements.
License
Copyright 2024 Jon Michael Aanes. All rights reserved.
License
Copyright (c) 2024 Jon Michael Aanes
All rights reserved.
Requirements
Requires Python: >=3.9
Details
Assets (2)
Versions (23)
View all
secret_loader-0.1.9.tar.gz
3.8 KiB