Skip to content

Tweaks to env vars in Spaces #1284

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
May 22, 2024
Merged

Tweaks to env vars in Spaces #1284

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
c548928
Tweaks to env vars in Spaces
Pierrci May 13, 2024
e786d10
Update docs/hub/spaces-overview.md
Pierrci May 13, 2024
285fd3d
Apply suggestions from code review
Pierrci May 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 15 additions & 4 deletions docs/hub/spaces-overview.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -66,14 +66,25 @@ If your app requires environment variables (for instance, secret keys or tokens)
<img class="hidden dark:block" src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/hub/secrets-and-variables-dark.png"/>
</div>

You can use:

Variables are publicly accessible and viewable and will be automatically added to Spaces duplicated from your repository. They are exposed to your app as environment variables.
* **Variables** if you need to store non-sensitive configuration values. They are publicly accessible and viewable and will be automatically added to Spaces duplicated from yours.
* **Secrets** to store access tokens, API keys, or any sensitive values or credentials. They are private and their value cannot be read from the Space's settings page once set. They won't be added to Spaces duplicated from your repository.

For Static Spaces, they are available through client-side JavaScript in `window.huggingface.variables`.

For Docker Spaces, check out [environment management with Docker](./spaces-sdks-docker#secrets-and-variables-management).
Accessing secrets and variables is different depending on your Space SDK:

Secrets are private and their value cannot be retrieved once set. They won't be added to Spaces duplicated from your repository. The secrets will be exposed to your app with [Streamlit Secrets Management](https://blog.streamlit.io/secrets-in-sharing-apps/) if you use Streamlit, and as environment variables in other cases. For Docker Spaces, please check out [environment management with Docker](./spaces-sdks-docker#secrets-and-variables-management). Users are warned when our `Spaces Secrets Scanner` [finds hard-coded secrets](./security-secrets).
- For Static Spaces, both are available through client-side JavaScript in `window.huggingface.variables`
- For Docker Spaces, check out [environment management with Docker](./spaces-sdks-docker#secrets-and-variables-management)
- For Streamlit Spaces, secrets are exposed to your app through [Streamlit Secrets Management](https://blog.streamlit.io/secrets-in-sharing-apps/), and public variables are directly available as environment variables

For other Spaces, both are exposed to your app as environment variables. Here is a very simple example of accessing the previously declared `MODEL_REPO_ID` variable in Python (it would be the same for secrets):
```py
import os
print(os.getenv['MODEL_REPO_ID'])
```

Spaces owners are warned when our `Spaces Secrets Scanner` [finds hard-coded secrets](./security-secrets).

## Duplicating a Space

Expand Down