- GetSecret
- TTL + LRD Cache (KEK & records)
- Psql and Memory repositories
With postgres:
pip install "ds-vault-py-sdk[postgres]"Memory only:
pip install ds-vault-py-sdkPostgres - plain:
from vault import DSVaultClient
from vault.repositories.postgres import PostgresSecretRepository
repo = PostgresSecretRepository(
dsn="postgresql://user:pass@host:5432/db",
table="public.secrets",
)
client = DSVaultClient(repository=repo)
secret_bytes = client.get_secret(key=key)
print(secret_bytes.decode())Managed KMS context:
client = DSVaultClient(
repository=repo,
encryption_context_defaults={"app": "payments-api", "env": "prod"},
)Execute tests by setting environment variables to manage import paths, and call pytest.
export PYTHONPATH="src"
pipenv run pytestCurrently support dev and prod environment,
defined by setting environment variable BUILDING_MODE,
e.g.:
export BUILDING_MODE="dev"