infisicalpy

---

About • Usage • Contributing • License

About

A python alternative to the Infisical CLI for secrets fetching and wrapper around the API.

⚠️ Warning ⚠️ This library is still under development, a first beta version will be available on Pypi once the MVP is reached. See the roadmap below:

• Service token features
  • Fetch secrets
  • Inject secrets into os.environ
  • Unit testing

-----> Beta version

• API features
  • Users
    • Get my user
    • Get my organisations
  • Organisations
    • Get memberships
    • Update membership
    • Delete membership
    • Get projects
  • Projects
    • Get memberships
    • Update membership
    • Delete membership
    • Get key
    • Get logs
    • Get snapshots
    • Roll back to snapshop
  • Secrets
    • Create
    • Retrieve
    • Update
    • Delete
    • Get versions
    • Roll back to version

Usage

Requirements

Python 3.7+

Installation

$ pip install infisicalpy

Example

from infisicalpy import SecretService

secret_service = SecretService(
    token="YOUR_SERVICE_TOKEN",
    domain="YOUR_CUSTOM_INFISICAL_DOMAIN" # If not provided the cloud api will be used by default
)

# token can be also given with the environment variable INFISICAL_TOKEN
# domain can be also given with the environment variable INFISICAL_API_URL

secrets = secret_service.get_all()
print(secrets)

>>> [
>>> SingleEnvironmentVariable(
>>>     key='DATABASE_URL',
>>>     value='mongodb+srv://user1234:[email protected]',
>>>     type='shared',
>>>     id='XXXXXXXXXXXXXXXXXXXXXXXX',
>>>     tags=[
>>>         Tag(
>>>             id='XXXXXXXXXXXXXXXXXXXXXXXX',
>>>             name='tag1',
>>>             slug='tag1',
>>>             workspace='XXXXXXXXXXXXXXXXXXXXXXXX'),
>>>         Tag(
>>>             id='XXXXXXXXXXXXXXXXXXXXXXXX',
>>>             name='tag2',
>>>             slug='tag2',
>>>             workspace='XXXXXXXXXXXXXXXXXXXXXXXX')
>>>     ],
>>>     comment='Secret referencing example'),
>>> SingleEnvironmentVariable(
>>>     key='DB_USERNAME',
>>>     value='user1234',
>>>     type='personal',
>>>     id='XXXXXXXXXXXXXXXXXXXXXXXX',
>>>     tags=[
>>>         Tag(
>>>             id='XXXXXXXXXXXXXXXXXXXXXXXX',
>>>             name='tag2',
>>>             slug='tag2',
>>>             workspace='XXXXXXXXXXXXXXXXXXXXXXXX')
>>>     ],
>>>     comment=''),
>>> SingleEnvironmentVariable(
>>>     key='DB_PASSWORD',
>>>     value='example_password',
>>>     type='personal',
>>>     id='XXXXXXXXXXXXXXXXXXXXXXXX',
>>>     tags=[],
>>>     comment=''),
>>> SingleEnvironmentVariable(
>>>     key='TWILIO_AUTH_TOKEN',
>>>     value='example_twillio_token',
>>>     type='shared',
>>>     id='XXXXXXXXXXXXXXXXXXXXXXXX',
>>>     tags=[
>>>         Tag(
>>>             id='XXXXXXXXXXXXXXXXXXXXXXXX',
>>>             name='tag1', slug='tag1',
>>>             workspace='XXXXXXXXXXXXXXXXXXXXXXXX')
>>>     ],
>>>     comment=''),
>>> SingleEnvironmentVariable(
>>>     key='WEBSITE_URL',
>>>     value='http://localhost:3000',
>>>     type='shared',
>>>     id='XXXXXXXXXXXXXXXXXXXXXXXX',
>>>     tags=[],
>>>     comment='')
]

# To retrieve and add secrets to environment variables:
secret_service.inject_all()

# From here all your secrets are available in os.environ!

assert os.environ['DB_PASSWORD'] == 'example_password'

Contributing

Start by cloning the repository:

$ git clone https://github.com/Astropilot/infisicalpy
$ cd infisicalpy

I recommand that you create a virtual environment:

$ python -m venv env

Then activate the environment with:

# For linux
$ source ./env/bin/activate

# For Windows PowerShell
$ .\env\Scripts\Activate.ps1

Then install the project and the dependencies with:

$ pip install -e '.[dev,test]'

To run all the tests you can use the following command:

$ pytest tests

More information about the setup to run the tests will be coming...

License

infisicalpy is distributed under the terms of the MIT license.