Python client for the SecretHub Secrets Management API

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for secrethub from gravatar.com secrethub

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: Apache License Version 2.0

Author: SecretHub

Tags secrets, management, api, devops

Classifiers

Project description

SecretHub Client for Python BETA

This repository provides a Python client for the SecretHub Secrets Management API.

SecretHub is a secrets management tool that works for every engineer and allows you to securely provision passwords and keys throughout your entire stack with just a few lines of code.

Table of Contents

Installation

To install the SecretHub package from PyPi, run the following command:

python -m pip install secrethub

The package supports Linux, Windows (32 and 64 bit) and MacOS. It is built for CPython versions 3.5 and above.

Make sure you have created a SecretHub account and set up a credential on your system before using the library. See the Credential section for more info.

Note that passphrase protected credentials are not supported by the Python client.

Usage

Before doing any calls to the library, you need to import the secrethub package and create a client:

import secrethub
client = secrethub.Client()

After you have your client, you can call the following methods:

read(path)

Retrieve a secret, including all its metadata.

secret = client.read("path/to/secret");

The returned object is of the secrethub.SecretVersion type and it represents a version of a secret with sensitive data. It provides the following fields:

  • secret_version_id
  • secret
  • version
  • data
  • created_at
  • status

read_string(path)

Retrieve a secret as a string.

secret = client.read_string("path/to/secret")

exists(path)

Check if a secret exists at path.

secret_exists = client.exists("path/to/secret")

write(path, secret)

Write a secret to a given path.

client.write("path/to/secret", "secret_value")

remove(path)

Delete the secret found at path.

client.remove("path/to/secret")

resolve(ref)

Fetch the value of a secret from SecretHub, when the ref has the format secrethub://<path>, otherwise it returns ref unchanged.

resolved_ref = client.resolve("secrethub://path/to/secret")

resolve_env()

Return a dictionary containing the OS environment with all secret references (secrethub://<path>) replaced by their corresponding secret values.

For example, if the following two environment variables are set:

  • MY_SECRET=secrethub://path/to/secret
  • OTHER_VARIABLE=some-other-value

Then the following call to ResolveEnv()

resolved_env = client.resolve_env()

would lead to the resolvedEnv containing the following contents:

{
    'MY_SECRET': 'the value of the secret path/to/secret',
    'OTHER_VARIABLE': 'some-other-value'
}

export_env(env)

Adds the environment variables defined in the env dictionary to the environment of the process. If any of them are already present in the environment, they will be overwritten.

This method can be used together with resolve_env to resolve all secret references in the environment:

client.export_env(client.resolve_env());

Exceptions

Any error encountered by the SecretHub client will be thrown as a RuntimeError with the full error message as an associated string value.

try:
    client.read('path/to/secret')
except Exception as e:
    print(e)

Credential

To use the SecretHub Python client, you need to provide a credential for your SecretHub account. You can sign up for a free developer account here.

After signup, the credential is located at $HOME/.secrethub/credential by default. secrethub.Client() automatically uses this credential.

You can also provide a credential through the SECRETHUB_CREDENTIAL environment variable.

Getting Help

Come chat with us on Discord or email us at support@secrethub.io

BETA

This project is currently in beta and we'd love your feedback! Check out the issues and feel free suggest cool ideas, use cases, or improvements.

Because it's still in beta, you can expect to see some changes introduced. Pull requests are very welcome.

For support, send us a message on Discord or send an email to support@secrethub.io

Developing

Note that most of the code in this repository is automatically generated from the SecretHub XGO project, which wraps the secrethub-go client with cgo exported functions so it can be called form other languages, e.g. C, C#, Python, Ruby, NodeJS, and Java. To generate the code SWIG is used.

See the SecretHub XGO repository for more details.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for secrethub from gravatar.com secrethub

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: Apache License Version 2.0

Author: SecretHub

Tags secrets, management, api, devops

Classifiers

Release history Release notifications | RSS feed

0.1.1

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distributions

secrethub-0.1.0-cp39-cp39-win_amd64.whl (9.7 MB view hashes)

Uploaded CPython 3.9 Windows x86-64

secrethub-0.1.0-cp39-cp39-win32.whl (9.4 MB view hashes)

Uploaded CPython 3.9 Windows x86

secrethub-0.1.0-cp39-cp39-manylinux2014_x86_64.whl (10.2 MB view hashes)

Uploaded CPython 3.9

secrethub-0.1.0-cp39-cp39-macosx_10_14_x86_64.whl (10.0 MB view hashes)

Uploaded CPython 3.9 macOS 10.14+ x86-64

secrethub-0.1.0-cp38-cp38-win_amd64.whl (9.7 MB view hashes)

Uploaded CPython 3.8 Windows x86-64

secrethub-0.1.0-cp38-cp38-win32.whl (9.4 MB view hashes)

Uploaded CPython 3.8 Windows x86

secrethub-0.1.0-cp38-cp38-manylinux2014_x86_64.whl (10.2 MB view hashes)

Uploaded CPython 3.8

secrethub-0.1.0-cp38-cp38-macosx_10_14_x86_64.whl (10.0 MB view hashes)

Uploaded CPython 3.8 macOS 10.14+ x86-64

secrethub-0.1.0-cp37-cp37m-win_amd64.whl (9.7 MB view hashes)

Uploaded CPython 3.7m Windows x86-64

secrethub-0.1.0-cp37-cp37m-win32.whl (9.4 MB view hashes)

Uploaded CPython 3.7m Windows x86

secrethub-0.1.0-cp37-cp37m-manylinux2014_x86_64.whl (10.2 MB view hashes)

Uploaded CPython 3.7m

secrethub-0.1.0-cp37-cp37m-macosx_10_14_x86_64.whl (10.0 MB view hashes)

Uploaded CPython 3.7m macOS 10.14+ x86-64

secrethub-0.1.0-cp36-cp36m-win_amd64.whl (9.7 MB view hashes)

Uploaded CPython 3.6m Windows x86-64

secrethub-0.1.0-cp36-cp36m-win32.whl (9.4 MB view hashes)

Uploaded CPython 3.6m Windows x86

secrethub-0.1.0-cp36-cp36m-manylinux2014_x86_64.whl (10.2 MB view hashes)

Uploaded CPython 3.6m

secrethub-0.1.0-cp36-cp36m-macosx_10_14_x86_64.whl (10.0 MB view hashes)

Uploaded CPython 3.6m macOS 10.14+ x86-64

secrethub-0.1.0-cp35-cp35m-win_amd64.whl (9.7 MB view hashes)

Uploaded CPython 3.5m Windows x86-64

secrethub-0.1.0-cp35-cp35m-win32.whl (9.4 MB view hashes)

Uploaded CPython 3.5m Windows x86

secrethub-0.1.0-cp35-cp35m-manylinux2014_x86_64.whl (10.2 MB view hashes)

Uploaded CPython 3.5m

secrethub-0.1.0-cp35-cp35m-macosx_10_14_x86_64.whl (10.0 MB view hashes)

Uploaded CPython 3.5m macOS 10.14+ x86-64

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page