Last active
October 5, 2020 19:59
-
-
Save ehenry09/fba556c8b62874bb4583ae31ffd33e08 to your computer and use it in GitHub Desktop.
Helper functions to set and retrieve passwords from Google Secret Manager.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # pip install google-cloud-secret-manager==1.0.0 | |
| import google.auth | |
| from google.cloud import secretmanager | |
| GCS_PROJECT_NAME = "project_name" | |
| def get_secret_manager_client(credentials=None): | |
| """Get a secret manager client.""" | |
| credentials = credentials or google.auth.default(scopes=["https://www.googleapis.com/auth/cloud-platform"])[0] | |
| return secretmanager.SecretManagerServiceClient(credentials=credentials) | |
| def get_password(key: str, client=None) -> str: | |
| """Get a Google Secret password.""" | |
| client = client or get_secret_manager_client() | |
| name = client.secret_version_path(GCS_PROJECT_NAME, key, "latest") | |
| response = client.access_secret_version(name) | |
| return response.payload.data.decode('UTF-8') | |
| def set_password(key: str, password: str, client=None) -> None: | |
| """Set a Google Sercret Manager password.""" | |
| client = client or get_secret_manager_client() | |
| parent = client.secret_path(GCS_PROJECT_NAME, key) | |
| password = password.encode('UTF-8') | |
| client.add_secret_version(parent, {'data': password}) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment