Official Infisical SDK for Python
Project description
Open-source, end-to-end encrypted tool to manage secrets and configs across your team and infrastructure.
Links
Basic Usage
from flask import Flask
from infisical import InfisicalClient
app = Flask(__name__)
client = InfisicalClient(token="your_infisical_token")
@app.route("/")
def hello_world():
# access value
name = client.get_secret("NAME")
return f"Hello! My name is: {name.secret_value}"
This example demonstrates how to use the Infisical Python SDK with a Flask application. The application retrieves a secret named "NAME" and responds to requests with a greeting that includes the secret value.
Installation
You need Python 3.7+.
$ pip install infisical
Configuration
Import the SDK and create a client instance with your Infisical Token.
from infisical import InfisicalClient
client = InfisicalClient(token="your_infisical_token")
Options
| Parameter | Type | Description |
|---|---|---|
token |
string |
An Infisical Token scoped to a project and environment. |
site_url |
string |
Your self-hosted Infisical site URL. Default: https://app.infisical.com. |
cache_ttl |
number |
Time-to-live (in seconds) for refreshing cached secrets. Default: 300. |
debug |
boolean |
Turns debug mode on or off. Default: false. |
Caching
The SDK caches every secret and updates it periodically based on the provided cache_ttl. For example, if cache_ttl of 300 is provided, then a secret will be refetched 5 minutes after the first fetch; if the fetch fails, the cached secret is returned.
Working with Secrets
Get Secrets
secrets = client.get_all_secrets()
Retrieve all secrets within the Infisical project and environment
Get Secret
secret = client.get_secret("API_KEY")
value = secret.secret_value # get its value
By default, get_secret() fetches and returns a personal secret. If not found, it returns a shared secret, or tries to retrieve the value from os.environ. If a secret is fetched, get_secret() caches it to reduce excessive calls and re-fetches periodically based on the cacheTTL option (default is 300 seconds) when initializing the client — for more information, see the caching section.
To explicitly retrieve a shared secret:
secret = client.get_secret(secret_name="API_KEY", type="shared")
value = secret.secret_value # get its value
Parameters
secret_name(string): The key of the secret to retrieve.type(string, optional): The type of the secret. Valid options are "shared" or "personal". If not specified, the default value is "personal".
Create Secret
Create a new secret in Infisical
new_api_key = client.create_secret("API_KEY", "FOO")
Parameters
secret_name(string): The key of the secret to create.secret_value(string): The value of the secret.type(string, optional): The type of the secret. Valid options are "shared" or "personal". If not specified, the default value is "shared". A personal secret can only be created if a shared secret with the same name exists.
Update Secret
Update an existing secret in Infisical
updated_api_key = client.update_secret("API_KEY", "BAR")
Parameters
secret_name(string): The key of the secret to update.secret_value(string): The new value of the secret.type(string, optional): The type of the secret. Valid options are "shared" or "personal". If not specified, the default value is "shared".
Delete Secret
Delete a secret in Infisical
deleted_secret = client.delete_secret("API_KEY")
Parameters
secret_name(string): The key of the secret to delete.type(string, optional): The type of the secret. Valid options are "shared" or "personal". If not specified, the default value is "shared".
Contributing
Bug fixes, docs, and library improvements are always welcome. Please refer to our Contributing Guide for detailed information on how you can contribute.
Getting Started
If you want to familiarize yourself with the SDK, you can start by forking the repository and cloning it in your local development environment.
After cloning the repository, we recommend that you create a virtual environment:
$ python -m venv env
Then activate the environment with:
# For linux
$ source ./env/bin/activate
# For Windows PowerShell
$ .\env\Scripts\Activate.ps1
Make sure that you have the latest version of pip to avoid errors on the next step:
$ python -m pip install --upgrade pip
Then install the project in editable mode and the dependencies with:
$ pip install -e '.[dev,test]'
To run existing tests, you need to make a .env at the root of this project containing a INFISICAL_TOKEN and SITE_URL. This will execute the tests against a project and environment scoped to the INFISICAL_TOKEN on a running instance of Infisical at the SITE_URL (this could be Infisical Cloud).
To run all the tests you can use the following command:
$ pytest tests
License
infisical-python is distributed under the terms of the MIT license.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file infisical-1.2.0.tar.gz.
File metadata
- Download URL: infisical-1.2.0.tar.gz
- Upload date:
- Size: 15.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: python-httpx/0.23.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | db3f4bed34cb5f4c9fdf9521467015f715f703af3f5f885eb6b7ba94d0d0c26b |
|
| MD5 | 8654b656091412bf251faf8fa9ee064b |
|
| BLAKE2b-256 | 7e91753a511b52515971e8b45637ee043bcf81787bd8aed80b50d439f9178d01 |
File details
Details for the file infisical-1.2.0-py3-none-any.whl.
File metadata
- Download URL: infisical-1.2.0-py3-none-any.whl
- Upload date:
- Size: 18.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: python-httpx/0.23.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | f51c7e4adb1d2d693ae9f6ba3ee53710dd5a2d2e559765ef13da46bcc7096946 |
|
| MD5 | b2ff202aedf8c7a48d2f0dda55b7dccc |
|
| BLAKE2b-256 | 7a91e8c62ca801071fe6f5fb9970e20ec5d2b79effad1560a14831ee48e55bb1 |
