Rio McMahon
08/09/2022, 5:00 AMList[secretStr]
but it ends up storing the secret as a list like ['*', '*', '*'...,'*']
. Is there a way to store secrets securely in a list object?Jeremiah
08/09/2022, 11:28 AMasync def test_block_with_list_of_secrets(self, session):
class ListSecretBlock(Block):
x: List[SecretStr]
# save the block
await ListSecretBlock(x=["a", "b"]).save(name="list-secret")
# load the block
block = await ListSecretBlock.load("list-secret")
assert block.x[0].get_secret_value() == 'a'
assert block.x[1].get_secret_value() == 'b'
Rio McMahon
08/09/2022, 1:13 PMfrom typing import Dict, List
from pydantic import SecretStr
from prefect.blocks.core import Block
class ApiKeys(Block):
api_key_secret: List[SecretStr]
and register the block via: prefect block register --file file.py
I can add the secret as shown in the attached vid. When I poll for the secrets using:
import prefect
pc = prefect.get_client()
blocks = await pc.read_block_documents()
print(blocks)
The relevant returned bit shows:
...name='stuff', data={'api_key_secret_list': ['*', '*', '*', '*', '*', '*', '*', '*', 'more_things']}...
from typing import Dict, List
from pydantic import SecretStr
from prefect.blocks.core import Block
class ApiKeys(Block):
api_key_secret = List[Dict[str, SecretStr]]
but it was only prompting me for a list input; not a list of dict and strings. Basically I just want to store a list of secure data - if this is an antipattern/there is a better way to do this I am all ears.List[Dict[str, SecretStr]]
block:
from typing import Dict, List
from pydantic import SecretStr
from prefect.blocks.core import Block
class ApiKeys(Block):
api_key_secret: List[Dict[str, SecretStr]]
await ApiKeys(api_key_secret=[{'a':'b'},{'c':'d'}]).save(name='testsecret')
secrets = await ApiKeys.load('testsecret')
print(secrets.api_key_secret[0]) # returns `{'a': SecretStr('**********')}`
print(secrets.api_key_secret[0]['a'].get_secret_value()) # returns `'b'`
So you can see that the secret is properly obscured when printed to the console; however it is not obfuscated in the UI as seen in the attached screenshot:Jeremiah
08/09/2022, 4:09 PMSecretJSON
type)