Managing secrets#
You can use secrets to interact with external services through API keys.
Creating secrets#
Creating a secret on the command line#
To create a secret, use the union create secret
command:
union create secret my_secret
You’ll be prompted to enter a secret value in the terminal:
Enter secret value: ...
Creating a secret from a file#
To create a secret from a file, run the following command:
union create secret my_file_secret -f /path/to/file
Listing secrets#
You can list existing secrets with the union get secret
command:
union get secret
Using secrets in workflow code#
Using a secret created on the command line#
To use a secret created on the command line, see the example code below. To run the example code:
Create a secret on the command line with the key
my_secret
.Copy the following example code to a new file and save it as
using_secrets.py
.Run the script with
union run --remote using_secrets.py main
.
Example code#
from flytekit import Secret, current_context, task, workflow
@task(secret_requests=[Secret(key="my_secret")])
def fn() -> str:
secret_value = current_context().secrets.get(key="my_secret")
# do something with the secret. For example, communication with an external API.
# For this example, we'll just return it.
return f"Hello: {secret_value}!"
@workflow
def main() -> str:
return fn()
Using a secret created from a file#
To use a secret created from a file in your workflow code, you must mount it as a file. To run the example code below:
Create a secret from a file with the key
my_secret
.Copy the example code below to a new file and save it as
using_secrets_file.py
.Run the script with
union run --remote using_secrets_file.py main
.
Example code#
from flytekit import Secret, current_context, task, workflow
@task(
secret_requests=[
Secret(key="my_file_secret", mount_requirement=Secret.MountType.FILE),
]
)
def fn() -> str:
path_to_secret_file = current_context().secrets.get_secrets_file("my_file_secret")
with open(path_to_secret_file, "r") as f:
secret_value = f.read()
return secret_value
@workflow
def main() -> str:
return fn()
Note
The get_secrets_file
method takes the secret key and returns the path to the secret file.
Updating secrets#
To update a secret, run the union update secret
command. You will be prompted to enter a new value:
union update secret my_secret
Deleting secrets#
To delete a secret, use the union delete secret
command:
union delete secret my_secret