Safe Environment Manager allows to manage secrets in environment variables in a safe way.
Project description
Safe Environment Manager (safe-env)
Safe Environment Manager allows to manage secrets in environment variables in a safe way. To achieve this, safe-env follows a set of principles:
- Configurations for different environments are stored in a set of yaml files, that have no secrets and can be safely pushed to git repository.
- Secrets are never written to local files, even temporarily (Note: also it is possible to save the output in the file, this is not recommended, and should be considered only as an exception for short term temporary use).
- Secrets are stored in one of the following safe locations:
- the resource itself (for example, access key in Azure Storage Account configuration);
- external vault (for example, Azure KeyVault);
- local keyring;
- environment variables (in memory).
- Access to required resources and vaults is controlled via standard user authentication mechanisms (for example,
az loginor interactive browser login for Azure).
Getting started
How to install?
The package is still in active development and can be installed directly from git repository:
python -m pip install git+https://github.com/antonsmislevics/safe-env.git
If using uv, it can be installed globally as a tool or as a dev dependency in specific project:
# install as a tool
uv tool install git+https://github.com/antonsmislevics/safe-env.git
# add as dev dependency
uv add --dev git+https://github.com/antonsmislevics/safe-env.git
The package does not require to be installed in the same environment that is used for development.
How to use?
Defining environment configuration files
To start using safe-env you first need to create environment configuration files. By default the tool looks for these files in ./envs folder. However, custom path can be provided via --config-dir option.
Configuration files are based on OmegaConf (https://omegaconf.readthedocs.io, https://github.com/omry/omegaconf), and have only two special sections.
depends_on: # the list of "parent" environment configurations (optional)
envs: # dictionary with resulting environment variables
Configuration files can be parametrized using standard OmegaConf variable interpolation and resolvers.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file safe_env-0.1.1.tar.gz.
File metadata
- Download URL: safe_env-0.1.1.tar.gz
- Upload date:
- Size: 12.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.5.15
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
5c6f9e56ae8d4ec871ba20ce0c1f48569865cfe3aeb0da3fa672a239759e3f3b
|
|
| MD5 |
26f4d363b56b9a7c2bbb69641456f26e
|
|
| BLAKE2b-256 |
c4104b08a4b345b6301a1a0ee76cc239efb46eb28cdb77fe6d781a042c4fea80
|
File details
Details for the file safe_env-0.1.1-py3-none-any.whl.
File metadata
- Download URL: safe_env-0.1.1-py3-none-any.whl
- Upload date:
- Size: 20.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.5.15
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
2f113fbdf7c86a2c6def1f1def3c50a7bde1080c9f63af66fb2579d3eee485b7
|
|
| MD5 |
7f2008538c14cc56acfeaeb728eb5509
|
|
| BLAKE2b-256 |
f106b96f6c8d7c840d9812125f8b4a61e93e966423d003b7bfa464e29d849e52
|
