pass

Wrapper functions for the pass password manager.

Common Arguments

secret_store

Directory where the pass secrets are stored, defaults to <current working directory>/secrets if not provided.

path

Path to the secret inside the password store. All functions automatically use the path to check for an environment variable, to allow for overriding in CI environments where access to the password store may not be desirable.

path environment variable
secret1 SECRET1
nested/secret/password2 NESTED_SECRET_PASSWORD2
secret-with-dashes3 SECRET_WITH_DASHES3

``

env_name

Override the environment variable named derived from path.

Functions

pass_has_secret(path, secret_store=None, env_name=None)

Returns True if secret path exists in secret_store or is injected via environment variable derived from path or env_name.

from solidblocks_do.secrets_pass import pass_has_secret

if pass_has_secret('secret1', '/path/to/secret/store'):
    pass

pass_get_secret(path, secret_store=None, env_name=None)

Returns value of secret at path inside secret_store or from environment variable derived from path (or env_name).

from solidblocks_do.secrets_pass import pass_get_secret

secret = pass_get_secret('secret1', '/path/to/secret/store')

if secret is not None:
    pass

pass_temp_file(path, secret_store=None, env_name=None)

Stores value of secret at path from secret_store in a temporary file, that will get deleted when the pass_temp_file context is closed.

from solidblocks_do.secrets_pass import pass_temp_file

with pass_temp_file('some/password', '/path/to/secret/store') as temp_secret_file:
    secret = open(temp_secret_file, 'r').read()