Secret#

pydantic model phalanx.models.secrets.Secret#

Specification for an application secret for a specific environment.

The same as SecretConfig except augmented with the secret application and key for internal convenience.

Parameters:

data (Any) –

Show JSON schema
{
   "title": "Secret",
   "description": "Specification for an application secret for a specific environment.\n\nThe same as `SecretConfig` except augmented with the secret application\nand key for internal convenience.",
   "type": "object",
   "properties": {
      "description": {
         "title": "Description",
         "type": "string"
      },
      "copy": {
         "anyOf": [
            {
               "$ref": "#/$defs/SecretCopyRules"
            },
            {
               "type": "null"
            }
         ],
         "default": null,
         "description": "Rules for where the secret should be copied from"
      },
      "generate": {
         "anyOf": [
            {
               "$ref": "#/$defs/SimpleSecretGenerateRules"
            },
            {
               "$ref": "#/$defs/SourceSecretGenerateRules"
            },
            {
               "type": "null"
            }
         ],
         "default": null,
         "title": "Generate"
      },
      "onepassword": {
         "allOf": [
            {
               "$ref": "#/$defs/SecretOnepasswordConfig"
            }
         ],
         "default": {
            "encoded": false
         }
      },
      "value": {
         "anyOf": [
            {
               "format": "password",
               "type": "string",
               "writeOnly": true
            },
            {
               "type": "null"
            }
         ],
         "default": null,
         "title": "Value"
      },
      "key": {
         "title": "Key",
         "type": "string"
      },
      "application": {
         "title": "Application",
         "type": "string"
      }
   },
   "$defs": {
      "SecretCopyRules": {
         "additionalProperties": false,
         "description": "Rules for copying a secret value from another secret.",
         "properties": {
            "application": {
               "title": "Application",
               "type": "string"
            },
            "key": {
               "title": "Key",
               "type": "string"
            }
         },
         "required": [
            "application",
            "key"
         ],
         "title": "SecretCopyRules",
         "type": "object"
      },
      "SecretOnepasswordConfig": {
         "description": "Configuration for how a static secret is stored in 1Password.",
         "properties": {
            "encoded": {
               "default": false,
               "title": "Encoded",
               "type": "boolean"
            }
         },
         "title": "SecretOnepasswordConfig",
         "type": "object"
      },
      "SimpleSecretGenerateRules": {
         "additionalProperties": false,
         "description": "Rules for generating a secret value with no source information.",
         "properties": {
            "type": {
               "enum": [
                  "password",
                  "gafaelfawr-token",
                  "fernet-key",
                  "rsa-private-key"
               ],
               "title": "Type",
               "type": "string"
            }
         },
         "required": [
            "type"
         ],
         "title": "SimpleSecretGenerateRules",
         "type": "object"
      },
      "SourceSecretGenerateRules": {
         "description": "Rules for generating a secret from another secret.",
         "properties": {
            "type": {
               "enum": [
                  "bcrypt-password-hash",
                  "mtime"
               ],
               "title": "Type",
               "type": "string"
            },
            "source": {
               "title": "Source",
               "type": "string"
            }
         },
         "required": [
            "type",
            "source"
         ],
         "title": "SourceSecretGenerateRules",
         "type": "object"
      }
   },
   "additionalProperties": false,
   "required": [
      "description",
      "key",
      "application"
   ]
}

Config:
  • populate_by_name: bool = True

  • extra: str = forbid

Fields:
field application: str [Required]#

Application of the secret.

field copy_rules: SecretCopyRules | None = None (alias 'copy')#

Rules for where the secret should be copied from

field description: str [Required]#

Description of the secret.

field generate: SecretGenerateRules | None = None#

Rules for how the secret should be generated.

field key: str [Required]#

Key of the secret.

field onepassword: SecretOnepasswordConfig = SecretOnepasswordConfig(encoded=False)#

Configuration for how the secret is stored in 1Password.

field value: SecretStr | None = None#

Secret value.