Working with Secrets

Very often, deployments require sensitive information such as passwords, API keys, or certificates. Tensorkube provides a built-in feature called Secrets to securely store and manage such sensitive data.

​

Creating a secret

To create a secret in tensorkube, you can use the following command:

tensorkube secret create SECRET_NAME KEY1=VAL1 KEY2=VAL2 KEY3=VAL3 ...

​

Arguments:

• SECRET_NAME: [required]

• KEYVALUES…: [required], Space-separated KEY=VALUE items

• —env ENV_NAME: [optional], Environment in which the secret is created. If not specified, default environment is used.

• —force: [optional], Overwrite the secret if it already exists.

​

Listing secrets

You can list out created secrets using the command:

tensorkube list secrets

​

Arguments:

• —env ENV_NAME: [Optional] Specify the environment to list the secrets from. If not specified, secrets from the default environment will be listed.

​

Deleting secrets

You can delete a secret using the command:

tensorkube secret delete SECRET_NAME

​

Arguments:

• SECRET_NAME: [Required], The name of the secret you want to delete.

• —env ENV_NAME: [Optional], Specify the environment from which the secret should be deleted. If not specified, the secret will be deleted from the default environment.

​

Using secrets in deployments

You can use secrets in a deployment using the --secret flag in the deploy command. Secrets are exposed as environment variables in your deployed code.

tensorkube deploy --secret secret1 --secret secret2 ...

If you are deploying in a particular environment, make sure the secrets have also been created in that particular environment.

​

Example

Let’s say you create a secret with the command

tensorkube secret create secret1 KEY1=VAL1 key2=val2

And deploy your app with the command

tensorkube deploy --secret secret1

You can access these in your code as follows:

import os

VAL1 = os.environ.get("KEY1")
val2 = os.environ.get("key2")

## Use VAL1 and val2 in your code as required