pass
Wrapper functions for the pass password manager.
Common Arguments
secret_store
Directory where the pass secrets are stored, defaults to <current working directory>/secrets if not provided.
path
Path to the secret inside the password store. All functions automatically use the path to check for an environment variable, to allow for overriding in CI environments where access to the password store may not be desirable.
| path | environment variable |
|---|---|
| secret1 | SECRET1 |
| nested/secret/password2 | NESTED_SECRET_PASSWORD2 |
| secret-with-dashes3 | SECRET_WITH_DASHES3 |
``
env_name
Override the environment variable named derived from path.
Functions
pass_has_secret(path, secret_store=None, env_name=None)
Returns True if secret path exists in secret_store or is injected via environment variable derived from path or env_name.
from solidblocks_do.secrets_pass import pass_has_secret
if pass_has_secret('secret1', '/path/to/secret/store'):
passpass_get_secret(path, secret_store=None, env_name=None)
Returns value of secret at path inside secret_store or from environment variable derived from path (or env_name).
from solidblocks_do.secrets_pass import pass_get_secret
secret = pass_get_secret('secret1', '/path/to/secret/store')
if secret is not None:
passpass_temp_file(path, secret_store=None, env_name=None)
Stores value of secret at path from secret_store in a temporary file, that will get deleted when the pass_temp_file context is closed.
from solidblocks_do.secrets_pass import pass_temp_file
with pass_temp_file('some/password', '/path/to/secret/store') as temp_secret_file:
secret = open(temp_secret_file, 'r').read()