secretsloader 0.1.0__tar.gz

secretsloader-0.1.0/PKG-INFO

@@ -0,0 +1,89 @@
+Metadata-Version: 2.4
+Name: secretsloader
+Version: 0.1.0
+Summary: Load secrets from Infisical into environment variables
+Author-email: Welington Souza <welington.souza@mprj.mp.br>
+License: MIT
+Project-URL: Homepage, https://gitlab-dti.mprj.mp.br/gadg/desenvolvimento/etl/secretsloader.git
+Project-URL: Repository, https://gitlab-dti.mprj.mp.br/gadg/desenvolvimento/etl/secretsloader.git
+Project-URL: Issues, https://gitlab-dti.mprj.mp.br/gadg/desenvolvimento/etl/secretsloader.git/issues
+Keywords: infisical,secrets,environment,configuration
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Requires-Python: >=3.12.10
+Description-Content-Type: text/markdown
+Requires-Dist: python-dotenv
+Requires-Dist: infisical-python>=2.0.0
+Provides-Extra: dev
+Requires-Dist: pytest; extra == "dev"
+Requires-Dist: ruff; extra == "dev"
+Requires-Dist: build; extra == "dev"
+Requires-Dist: twine; extra == "dev"
+
+# secretsloader
+
+Pacote para carregamento centralizado de secrets do Infisical em variáveis de ambiente.
+
+## Instalação
+
+### Usando pip
+
+```bash
+pip install secretsloader
+```
+
+### Usando uv
+
+```bash
+uv add secretsloader
+```
+
+### Usando poetry
+
+```bash
+poetry add secretsloader
+```
+
+## Uso Básico
+
+```python
+from secretsloader import load_secrets
+
+# Carregar secrets do Infisical para as variáveis de ambiente
+load_secrets()
+
+# Agora você pode acessar os secrets via os.environ
+import os
+
+db_password = os.getenv("DB_PASSWORD")
+```
+
+## Configuração
+
+Configure as seguintes variáveis de ambiente (pode usar um arquivo `.env`):
+
+```env
+INFISICAL_SITE_URL=https://app.infisical.com
+INFISICAL_TOKEN=seu_token_aqui
+INFISICAL_PROJECT_ID=seu_project_id
+INFISICAL_ENVIRONMENT_SLUG=dev
+```
+
+## Funcionalidades
+
+- ✅ Carregamento automático de secrets do Infisical
+- ✅ Retry automático em caso de falha
+- ✅ Suporte a cache TTL
+- ✅ Validação de variáveis obrigatórias
+- ✅ Logging detalhado
+
+## Documentação Completa
+
+Para documentação detalhada, consulte [SECRETSLOADER_DOCUMENTATION.md](SECRETSLOADER_DOCUMENTATION.md)

secretsloader-0.1.0/README.md

@@ -0,0 +1,60 @@
+# secretsloader
+
+Pacote para carregamento centralizado de secrets do Infisical em variáveis de ambiente.
+
+## Instalação
+
+### Usando pip
+
+```bash
+pip install secretsloader
+```
+
+### Usando uv
+
+```bash
+uv add secretsloader
+```
+
+### Usando poetry
+
+```bash
+poetry add secretsloader
+```
+
+## Uso Básico
+
+```python
+from secretsloader import load_secrets
+
+# Carregar secrets do Infisical para as variáveis de ambiente
+load_secrets()
+
+# Agora você pode acessar os secrets via os.environ
+import os
+
+db_password = os.getenv("DB_PASSWORD")
+```
+
+## Configuração
+
+Configure as seguintes variáveis de ambiente (pode usar um arquivo `.env`):
+
+```env
+INFISICAL_SITE_URL=https://app.infisical.com
+INFISICAL_TOKEN=seu_token_aqui
+INFISICAL_PROJECT_ID=seu_project_id
+INFISICAL_ENVIRONMENT_SLUG=dev
+```
+
+## Funcionalidades
+
+- ✅ Carregamento automático de secrets do Infisical
+- ✅ Retry automático em caso de falha
+- ✅ Suporte a cache TTL
+- ✅ Validação de variáveis obrigatórias
+- ✅ Logging detalhado
+
+## Documentação Completa
+
+Para documentação detalhada, consulte [SECRETSLOADER_DOCUMENTATION.md](SECRETSLOADER_DOCUMENTATION.md)

secretsloader-0.1.0/pyproject.toml

@@ -0,0 +1,47 @@
+[build-system]
+requires = ["setuptools>=61.0", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "secretsloader"
+version = "0.1.0"
+description = "Load secrets from Infisical into environment variables"
+readme = "README.md"
+requires-python = ">=3.12.10"
+license = {text = "MIT"}
+authors = [
+    {name = "Welington Souza", email = "welington.souza@mprj.mp.br"}
+]
+keywords = ["infisical", "secrets", "environment", "configuration"]
+classifiers = [
+    "Development Status :: 4 - Beta",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.8",
+    "Programming Language :: Python :: 3.9",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+]
+dependencies = [
+    "python-dotenv",
+    "infisical-python>=2.0.0",
+]
+
+[project.optional-dependencies]
+dev = ["pytest", "ruff", "build", "twine"]
+
+[project.urls]
+Homepage = "https://gitlab-dti.mprj.mp.br/gadg/desenvolvimento/etl/secretsloader.git"
+Repository = "https://gitlab-dti.mprj.mp.br/gadg/desenvolvimento/etl/secretsloader.git"
+Issues = "https://gitlab-dti.mprj.mp.br/gadg/desenvolvimento/etl/secretsloader.git/issues"
+
+[tool.setuptools]
+py-modules = ["secretsloader"]
+
+[dependency-groups]
+dev = [
+    "build>=1.4.0",
+    "twine>=6.2.0",
+]

secretsloader-0.1.0/secretsloader.egg-info/PKG-INFO

@@ -0,0 +1,89 @@
+Metadata-Version: 2.4
+Name: secretsloader
+Version: 0.1.0
+Summary: Load secrets from Infisical into environment variables
+Author-email: Welington Souza <welington.souza@mprj.mp.br>
+License: MIT
+Project-URL: Homepage, https://gitlab-dti.mprj.mp.br/gadg/desenvolvimento/etl/secretsloader.git
+Project-URL: Repository, https://gitlab-dti.mprj.mp.br/gadg/desenvolvimento/etl/secretsloader.git
+Project-URL: Issues, https://gitlab-dti.mprj.mp.br/gadg/desenvolvimento/etl/secretsloader.git/issues
+Keywords: infisical,secrets,environment,configuration
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Requires-Python: >=3.12.10
+Description-Content-Type: text/markdown
+Requires-Dist: python-dotenv
+Requires-Dist: infisical-python>=2.0.0
+Provides-Extra: dev
+Requires-Dist: pytest; extra == "dev"
+Requires-Dist: ruff; extra == "dev"
+Requires-Dist: build; extra == "dev"
+Requires-Dist: twine; extra == "dev"
+
+# secretsloader
+
+Pacote para carregamento centralizado de secrets do Infisical em variáveis de ambiente.
+
+## Instalação
+
+### Usando pip
+
+```bash
+pip install secretsloader
+```
+
+### Usando uv
+
+```bash
+uv add secretsloader
+```
+
+### Usando poetry
+
+```bash
+poetry add secretsloader
+```
+
+## Uso Básico
+
+```python
+from secretsloader import load_secrets
+
+# Carregar secrets do Infisical para as variáveis de ambiente
+load_secrets()
+
+# Agora você pode acessar os secrets via os.environ
+import os
+
+db_password = os.getenv("DB_PASSWORD")
+```
+
+## Configuração
+
+Configure as seguintes variáveis de ambiente (pode usar um arquivo `.env`):
+
+```env
+INFISICAL_SITE_URL=https://app.infisical.com
+INFISICAL_TOKEN=seu_token_aqui
+INFISICAL_PROJECT_ID=seu_project_id
+INFISICAL_ENVIRONMENT_SLUG=dev
+```
+
+## Funcionalidades
+
+- ✅ Carregamento automático de secrets do Infisical
+- ✅ Retry automático em caso de falha
+- ✅ Suporte a cache TTL
+- ✅ Validação de variáveis obrigatórias
+- ✅ Logging detalhado
+
+## Documentação Completa
+
+Para documentação detalhada, consulte [SECRETSLOADER_DOCUMENTATION.md](SECRETSLOADER_DOCUMENTATION.md)

secretsloader-0.1.0/secretsloader.egg-info/SOURCES.txt

@@ -0,0 +1,8 @@
+README.md
+pyproject.toml
+secretsloader.py
+secretsloader.egg-info/PKG-INFO
+secretsloader.egg-info/SOURCES.txt
+secretsloader.egg-info/dependency_links.txt
+secretsloader.egg-info/requires.txt
+secretsloader.egg-info/top_level.txt

secretsloader-0.1.0/secretsloader.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

secretsloader-0.1.0/secretsloader.egg-info/requires.txt

@@ -0,0 +1,8 @@
+python-dotenv
+infisical-python>=2.0.0
+
+[dev]
+pytest
+ruff
+build
+twine

secretsloader-0.1.0/secretsloader.egg-info/top_level.txt

@@ -0,0 +1 @@
+secretsloader

secretsloader-0.1.0/secretsloader.py

@@ -0,0 +1,243 @@
+"""
+Module for loading secrets from Infisical into environment variables.
+
+This module provides functionality to fetch secrets from Infisical and inject them
+into the process environment variables, with proper error handling and retry logic.
+"""
+
+import os
+import logging
+import time
+from typing import Optional, Dict, Any
+from dotenv import load_dotenv
+from infisical_sdk import InfisicalSDKClient
+
+load_dotenv()
+
+logger = logging.getLogger(__name__)
+
+# Flag to ensure secrets are loaded only once
+_secrets_loaded = False
+
+# Required environment variables
+REQUIRED_ENV_VARS = [
+    "INFISICAL_SITE_URL",
+    "INFISICAL_TOKEN",
+    "INFISICAL_PROJECT_ID",
+    "INFISICAL_ENVIRONMENT_SLUG",
+]
+
+
+class SecretsLoaderError(Exception):
+    """Base exception for secrets loader errors."""
+    pass
+
+
+class MissingEnvironmentVariableError(SecretsLoaderError):
+    """Raised when required environment variables are missing."""
+    pass
+
+
+class InfisicalConnectionError(SecretsLoaderError):
+    """Raised when connection to Infisical fails."""
+    pass
+
+
+def validate_environment_variables() -> None:
+    """
+    Validate that all required environment variables are set.
+
+    Raises:
+        MissingEnvironmentVariableError: If any required environment variable is missing.
+    """
+    missing_vars = [var for var in REQUIRED_ENV_VARS if not os.getenv(var)]
+
+    if missing_vars:
+        error_msg = f"Missing required environment variables: {', '.join(missing_vars)}"
+        logger.error(error_msg)
+        raise MissingEnvironmentVariableError(error_msg)
+
+    logger.debug("All required environment variables are present")
+
+
+def fetch_secrets_from_infisical(
+        max_retries: int = 3,
+        retry_delay: float = 1.0,
+        cache_ttl: Optional[int] = None
+) -> Dict[str, str]:
+    """
+    Fetch secrets from Infisical with retry logic.
+
+    Args:
+        max_retries: Maximum number of retry attempts (default: 3)
+        retry_delay: Delay in seconds between retries (default: 1.0)
+        cache_ttl: Cache TTL in seconds, None to disable caching (default: None)
+
+    Returns:
+        Dictionary mapping secret keys to secret values
+
+    Raises:
+        InfisicalConnectionError: If connection to Infisical fails after all retries
+    """
+    last_exception = None
+
+    for attempt in range(1, max_retries + 1):
+        try:
+            logger.info(f"Attempting to connect to Infisical (attempt {attempt}/{max_retries})")
+
+            client = InfisicalSDKClient(
+                host=os.getenv("INFISICAL_SITE_URL"),
+                token=os.getenv("INFISICAL_TOKEN"),
+                cache_ttl=cache_ttl,
+            )
+
+            secrets_response = client.secrets.list_secrets(
+                project_id=os.getenv("INFISICAL_PROJECT_ID"),
+                environment_slug=os.getenv("INFISICAL_ENVIRONMENT_SLUG"),
+                secret_path="/",
+            ).to_dict()
+
+            secrets_dict = {}
+            for secret in secrets_response.get("secrets", []):
+                key = secret.get("secretKey")
+                value = secret.get("secretValue")
+                if key and value is not None:
+                    secrets_dict[key] = value
+
+            logger.info(f"Successfully fetched {len(secrets_dict)} secrets from Infisical")
+            return secrets_dict
+
+        except Exception as e:
+            last_exception = e
+            logger.warning(
+                f"Failed to fetch secrets from Infisical (attempt {attempt}/{max_retries}): {e}"
+            )
+
+            if attempt < max_retries:
+                logger.info(f"Retrying in {retry_delay} seconds...")
+                time.sleep(retry_delay)
+
+    error_msg = f"Failed to connect to Infisical after {max_retries} attempts"
+    logger.error(f"{error_msg}: {last_exception}")
+    raise InfisicalConnectionError(error_msg) from last_exception
+
+
+def load_secrets(
+        override_existing: bool = False,
+        max_retries: int = 3,
+        retry_delay: float = 1.0,
+        cache_ttl: Optional[int] = None,
+        force_reload: bool = False
+) -> int:
+    """
+    Load secrets from Infisical into environment variables.
+
+    This function fetches secrets from Infisical and injects them into os.environ.
+    By default, it will only load secrets once per process lifetime.
+
+    Args:
+        override_existing: If True, override existing environment variables (default: False)
+        max_retries: Maximum number of retry attempts for API calls (default: 3)
+        retry_delay: Delay in seconds between retries (default: 1.0)
+        cache_ttl: Cache TTL in seconds, None to disable caching (default: None)
+        force_reload: If True, bypass the single-load protection (default: False)
+
+    Returns:
+        Number of secrets loaded into environment
+
+    Raises:
+        MissingEnvironmentVariableError: If required environment variables are missing
+        InfisicalConnectionError: If connection to Infisical fails
+    """
+    global _secrets_loaded
+
+    if _secrets_loaded and not force_reload:
+        logger.info("Secrets already loaded, skipping reload")
+        return 0
+
+    logger.info("Starting secrets loading process")
+
+    # Validate environment variables
+    validate_environment_variables()
+
+    # Fetch secrets from Infisical
+    secrets_dict = fetch_secrets_from_infisical(
+        max_retries=max_retries,
+        retry_delay=retry_delay,
+        cache_ttl=cache_ttl
+    )
+
+    # Load secrets into environment
+    loaded_count = 0
+    skipped_count = 0
+
+    for key, value in secrets_dict.items():
+        if key in os.environ and not override_existing:
+            logger.debug(f"Skipping secret '{key}' (already exists in environment)")
+            skipped_count += 1
+        else:
+            os.environ[key] = value
+            loaded_count += 1
+            logger.debug(f"Loaded secret '{key}' into environment")
+
+    _secrets_loaded = True
+
+    logger.info(
+        f"Secrets loading complete: {loaded_count} loaded, {skipped_count} skipped"
+    )
+
+    return loaded_count
+
+
+def get_credentials(
+        override_existing: bool = False,
+        max_retries: int = 3,
+        retry_delay: float = 1.0,
+        cache_ttl: Optional[int] = None
+) -> None:
+    """
+    Legacy function for backward compatibility.
+
+    Loads secrets from Infisical into environment variables with fallback to local variables.
+    This function catches all exceptions and logs warnings instead of raising them.
+
+    Args:
+        override_existing: If True, override existing environment variables (default: False)
+        max_retries: Maximum number of retry attempts for API calls (default: 3)
+        retry_delay: Delay in seconds between retries (default: 1.0)
+        cache_ttl: Cache TTL in seconds, None to disable caching (default: None)
+    """
+    try:
+        load_secrets(
+            override_existing=override_existing,
+            max_retries=max_retries,
+            retry_delay=retry_delay,
+            cache_ttl=cache_ttl
+        )
+    except Exception as e:
+        logger.warning(f"Could not fetch secrets from Infisical: {e}")
+        logger.warning("Using local environment variables only")
+
+
+if __name__ == "__main__":
+    # Configure logging for CLI usage
+    logging.basicConfig(
+        level=logging.INFO,
+        format="%(asctime)s - %(name)s - %(levelname)s - %(message)s"
+    )
+
+    try:
+        load_secrets()
+        # Example: print a specific environment variable
+        pg_host = os.environ.get("PG_HOST")
+        ora_user = os.environ.get("ORA_USER")
+
+        if pg_host:
+            print(f"PG_HOST: {pg_host}")
+            print(f"ORA_USER: {ora_user}")
+
+        else:
+            print("PG_HOST not found in environment")
+    except Exception as e:
+        logger.error(f"Failed to load secrets: {e}")
+        exit(1)

secretsloader-0.1.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+