Tools for extract sensitive configuration out of your project

generic-storage, secret-data, configuration-management, python
pip install generic-storage==0.0.3


Secret storage module

Project target create a simple module that can get config file out of project.

For example , here is scenario.

You are using some Google API in your project such as Sheet API and choice the ServiceAccount as authentication method

So you will got the JSON file which contain private-key , service-account email ...etc. This file you don't want any other people known coz it contain sensitive information.

Moreover, you want build your project as a dockerized open-source project so that anyone can reproduce your application in own server.

So how would you deal with this JSON file ? Extract it to external storage and then let user input the external path as enviroment variable of your docker image is a grant idea

But how did you achieve the goal ? Most of external cloud storage need your code have some change accordingly . For example, AWS S3 will need integrate boto3 and Google cloud storage will need google-cloud-storage ...etc.

Then you project must have dependency to the external storage service. If you want to change the external storage service provider, you must have code change.

This is totally bad idea coz it has violate the Open closed principle . You project did't open to change behaviour and close to code change.

This module is aim to provide the solution. if user want use google-cloud-storage then he using environment like this


if user want use AWS S3 then he using environment like this


In your project. You can just type

import os
import secret_storage
storage_instance = secret_storage.get_storage(os.environ.get('SECRET_STORAGE_STRATEGY'))
secret_content ='SECRET_CONFIG_FILE'))

Table of contents


pip install secret_storage 


Project is using pipenv to manage dependency

So in order to get started, install pipenv first.

pip3 install pipenv
# Or if you are mac user
brew install pipenv

After install pipenv, you can setup this repo by following command

pipenv --three install


Following command will execute all test and shown the code coverage report

pipenv shell
py.test --cov=secret_storage


Currently , get_storage function only accept 'Local' and 'S3'.

Using local storage

import secret_storage
storage_instance = secret_storage.get_storage('Local')
secret_content ='./tests/fixtures/.env')

Using AWS S3

import secret_storage
storage_instance = secret_storage.get_storage('S3')
secret_content ='s3://your-bucket/your-key')