You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Many Docker images allow setting env vars pointing to specific secret file.
For example, official PostgreSQL docker image, in addition to env var POSTGRES_PASSWORD, allows setting POSTGRES_PASSWORD_FILE, which, if set, must point to a file containing secret value.
All env vars in official PostgreSQL image, that allow _FILE override, are
POSTGRES_INITDB_ARGS -> POSTGRES_INITDB_ARGS_FILE
POSTGRES_PASSWORD -> POSTGRES_PASSWORD_FILE
POSTGRES_USER -> POSTGRES_USER_FILE
POSTGRES_DB -> POSTGRES_DB_FILE
This feature makes sense for secrets other than regular settings, that's why it might be a good idea to add it to this package.
The text was updated successfully, but these errors were encountered:
Would providing an explicit option for this functionality be an advantage over the already possible instantiation arguments?
In my current code, I use something like the following and I doubt that either hard-coding an environment variable and/or adding another argument to a config dict would be worth it, unless there is a commonly used standard for this that could be pushed that way.
@FichteFoll sorry, the original issue had no description, I was keeping in mind a different thing (description added). In addition, I made issue title more clear. Do you think this would be useful?
makukha
changed the title
Support _FILE environment variables to set secret file name
Support env vars with _FILE suffix pointing to file with secret value
Nov 27, 2024
I see. This is a different usage pattern than what I had assumed.
Since I'm using pydantic-file-secrets in applications whose life cycle I control, I can generally also specify where the files are mounted into a container and make those conform to the names defined by the base Settings model and how pydantic-file-secrets interprets them. Thus, I wouldn't need another way to achieve this.
I'm not sure if others may have a use case for this.
Many Docker images allow setting env vars pointing to specific secret file.
For example, official PostgreSQL docker image, in addition to env var
POSTGRES_PASSWORD
, allows settingPOSTGRES_PASSWORD_FILE
, which, if set, must point to a file containing secret value.All env vars in official PostgreSQL image, that allow _FILE override, are
POSTGRES_INITDB_ARGS
->POSTGRES_INITDB_ARGS_FILE
POSTGRES_PASSWORD
->POSTGRES_PASSWORD_FILE
POSTGRES_USER
->POSTGRES_USER_FILE
POSTGRES_DB
->POSTGRES_DB_FILE
This feature makes sense for secrets other than regular settings, that's why it might be a good idea to add it to this package.
The text was updated successfully, but these errors were encountered: