Coverage for /home/runner/work/viur-core/viur-core/viur/src/viur/core/secret.py: 0%

8 statements  

« prev     ^ index     » next       coverage.py v7.6.1, created at 2024-09-03 13:41 +0000

1import logging 

2from google.cloud import secretmanager 

3from viur.core.config import conf 

4 

5""" 

6This module provides utility functions for accessing values stored in the Google Cloud Secret Manager. 

7""" 

8 

9# Global secret manager client instance 

10__client = secretmanager.SecretManagerServiceClient() 

11 

12 

13def get(secret: str, version: int | str = "latest") -> str: 

14 """ 

15 Retrieves a secret stored in Google Cloud Secret Manager for use within the application. 

16 

17 Add a secret online under https://console.cloud.google.com/security/secret-manager. 

18 Service accounts requires the role "Secret Manager Secret Accessor" in IAM. 

19 """ 

20 name = f"""projects/{conf.instance.project_id}/secrets/{secret}/versions/{version}""" 

21 return __client.access_secret_version(request={"name": name}).payload.data.decode()