-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Figure out better API key management #181
Comments
So here is my thinking for what to do after this week's discussions:
Hold on, what problem are we solving again? Well, the ideal workflow for API keys would be this: The difficulty with the ideal workflow is that this somewhere depends on the user's platform and a few other considerations:
The drawback with (1) is that the user will need to set their key every time they start a new project and also increases the chance the user will leak their secret by committing @capnrefsmmat recently pointed me to |
Question: Is there a situation, maybe in a production environment, where one user would need multiple API keys? |
Oh man, I hope not. On the plus side, from seeing how AWS and Github handle their keys (i.e., also by reading from system env vars by default, |
It's pretty easy to switch out environment variables; if you have some automation system that runs your data pipeline, you can easily set custom environment variables in the shell scripts or commands that it runs to do the various tasks. I'm asking because the answer might change how we store the keys. Environment variables are a good option exactly because they're so easy to replace or override in specific circumstances, if that will be necessary in a production environment. |
The only thing that might prompt different keys would be different private endpoint access, but in that case I think we'd just make a dedicated key instead. |
Right, if we ever run integration tests with this client with privileged and unprivileged keys, env vars would be easy to swap out. |
Alright, I went looking for other R developers with the same problem and I think I found a persistence solution. This email from 2018 by Gábor Csárdi points to rappdirs, which was made exactly for our purpose and requires only R (>= 3.2). I'm thinking the workflow could now be something like:
This covers all the desirable pieces I can think of, let me know if I'm missing some:
|
Oh and we can also think about suggesting users use |
@brookslogan points out that it's probably better to use r$> rappdirs::user_config_dir("R", version = "epidatr")
[1] "~/.config/R/epidatr"
r$> tools::R_user_dir("epidatr", "config")
[1] "/home/forecaster/.config/R/epidatr" |
Another note on CRAN policies' requirement/suggestion:
According to this scheme, is sounds like for cache files they'd want us to use tools::R_user_dir("epidatr", "cache") which is /home//.cache/R/epidatr on my Fedora system. (Anyway, whatever location is chosen it sounds better if the API key is not in the cache directory, which using |
Agreed. So to reiterate, I think we should:
|
Just peeking through CRAN to see what people do with API keys. Here are a few examples:
I can't find anyone who writes their own separate API key file. I prefer the environment variable approach because it's very easy to temporarily replace an environment variable, e.g. for testing or because specific code needs access to different data. Is the motivation for using |
Thanks for doing that research into other packages. My main example was AWS CLI which has an Here is another issue with it, other than the one you mention (where we have to teach the user how to format the environ key line): if someone already has an I want to clarify that my suggestion to use |
I think AWS does that because it has a complex configuration with a bunch of variables in different groups, and cramming that all into environment variables would be hard. Could we check for the presence of a project-specific |
Makes sense about AWS. And that's a good idea RE: dynamically adjusting Renviron scope. I just tested So I think that removes my objections to Renviron. @brookslogan was it your ESS setup that didn't play well with |
Issue skirted now:
Issues I thought there were but are resolved or partially resolved or never existed:
Remaining issue:
|
Couldn't a user that |
Sure, but they might think "I already set that for this project, why are you saying I didn't?" Doesn't sound the worst thing to have to set it twice and project switching isn't that common, but somehow I thought I remembered |
For "set their key in the first project and be fine", that'd be true only if they launched within that project every time, or set it for the second project as well. I guess that's sort of closer to how |
On the general point of And as to users changing their launch directory for projects... YAGNI, let's wait for an actual user to have this complaint. Worst case scenario is they set their key twice. |
See the tooling notes for Sept 19th
The text was updated successfully, but these errors were encountered: