Project description

Keep It Secret by BTHLabs

Keep It Secret is a small Python library for declarative management of app secrets.

Installation

$ pip install keep_it_secret

Usage

Keep It Secret gives a developer API needed to declare secrets used by the app and access them in a secure, uniform manner.

Consider the following example:

from secrets_manager import (
    AbstractField, EnvField, LiteralField, Secrets, SecretsField,
)
from secrets_manager.ext.aws import AWSSecrets, AWSSecretsManagerField

class AppSecrets(Secrets):
    secret_key: str = AbstractField.new()
    db_password: str = EnvField.new('APP_DB_PASSWORD', required=True)
    pbkdf2_iterations_count: int = EnvField(
        'APP_PBKDF2_ITERATIONS_COUNT',
        default=16384,
        required=False,
        as_type=int,
    )

class DevelopmentSecrets(AppSecrets):
    secret_key: str = LiteralField.new('thisisntsecure')

class ProductionSecrets(AppSecrets):
    aws: AWSSecrets = SecretsField.new(AWSSecrets)
    secret_key: str = AWSSecretsManagerField(
        'app/production/secret_key', required=True,
    )
    db_password: str = AWSSecretsManagerField(
        'app/production/db_password', required=True,
    )

The AppSecrets class serves as base class for environment specific classes. The environment specific classes can overload any field, add new fields and extend the base class to provide custom behaviour.

The DevelopmentSecrets class uses environment variables and literal values to provide secrets suitable for the development environment:

>>> development_secrets = DevelopmentSecrets()
>>> development_secrets.secret_key
'thisisntsecure'
>>> development_secrets.db_password
'spam'
>>> development_secrets.pbkdf2_iterations_count
1024

The ProductionSecrets class uses environment variables and AWS Secrets Manager to provide secrets suitable for the development environment:

>>> production_secrets = ProductionSecrets()
>>> production_secrets.aws.access_key_id
'anawsaccesskey'
>>> production_secrets.secret_key
'asecuresecretkey'
>>> production_secrets.db_password
'asecuredbpassword'
>>> production_secrets.pbkdf2_iterations_count
16384

Author

Keep It Secret is developed by Tomek Wójcik.

License

Keep It Secret is licensed under the MIT License.

Project details

These details have not been verified by PyPI

Project links

Release history Release notifications | RSS feed

This version

1.2.0

Feb 8, 2024

1.1.0

Jan 18, 2024

1.0.0

Jan 4, 2024

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

keep_it_secret-1.2.0.tar.gz (9.1 kB view details)

Uploaded Feb 8, 2024 Source

Built Distribution

keep_it_secret-1.2.0-py3-none-any.whl (11.7 kB view details)

Uploaded Feb 8, 2024 Python 3

File details

Details for the file keep_it_secret-1.2.0.tar.gz.

File metadata

Download URL: keep_it_secret-1.2.0.tar.gz
Upload date: Feb 8, 2024
Size: 9.1 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/4.0.2 CPython/3.10.13

File hashes

Hashes for keep_it_secret-1.2.0.tar.gz
Algorithm	Hash digest
SHA256	`2585591d451674e30c08fcdbba95de2180904069da149bca628cc51261720839`
MD5	`fb78a4151d53b51888f37eed258a6910`
BLAKE2b-256	`6d5fd7064411d8e925de9f642fbc00f34e03e4cfeb3ab366f1c696a36e4e241f`

See more details on using hashes here.

File details

Details for the file keep_it_secret-1.2.0-py3-none-any.whl.

File metadata

Download URL: keep_it_secret-1.2.0-py3-none-any.whl
Upload date: Feb 8, 2024
Size: 11.7 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/4.0.2 CPython/3.10.13

File hashes

Hashes for keep_it_secret-1.2.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`aae8f3d3c1db93223ad3afb5c35c2c7202068b082b8bf7d199ed5bc610e63449`
MD5	`2332fbb16b11a841825f635b7ffb60de`
BLAKE2b-256	`fb8a49e2df9e586a19122b5fc12ea097a0452da1ed7e0c24fc254ba726839f92`