Defining Secrets

Both Hydroplane and the processes it creates need access to secret values. Some secret values (Hydroplane secrets) are used by Hydroplane to authenticate with the runtime. Other secret values (process secrets) are used by processes when they run.

Hydroplane Secrets

Hydroplane secrets are stored in a secret store. Most of Hydroplane’s runtimes need access to this secret store in order to retrieve enough credentials to authenticate with the runtime. For runtimes like docker that don’t require any secrets, the none secret store can be used.

See Secret Stores for a list of available secret stores and their settings.

pydantic model hydroplane.models.secret.HydroplaneSecret

A reference to a secret in Hydroplane’s secret store that Hydroplane will use to authenticate with the runtime.

field secret_name: str [Required]

the name of the secret

field key: Optional[str] = None

if the secret itself is an object, the key within that object that contains the desired secret data

Secrets can contain any string, even one that contains newlines or other special characters.

Process Secrets

Process secrets are stored by the runtime itself. You can use process secrets to pass secret values to a process’s environment variables, or to give the process authentication information for a container registry, without having to pass those secrets around in cleartext.

Here’s an example of using a process secret to retrieve a secret value for an environment variable:

{
  "process_name": "my-process",
  "container": {
    "image_uri": "foo/bar",
    "ports": [
      {
        "container_port": "80"
      }
    ],
    "env": [
      {
        "name": "ULTRA_SECRET_THINGY",
        "value": {
          "secret_name": "ultra-secret"
        }
      }
    ]
  }
}

pydantic model hydroplane.models.secret.ProcessSecret

A reference to a secret value that the process will need to run.

field secret_name: str [Required]

the name of the secret

field key: Optional[str] = None

if the secret itself is an object, the key within that object that contains the desired secret data
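
A pre-submission check for process definitions like the one above, as an added example that is not part of Hydroplane: it validates each env entry's secret reference against the two documented fields (secret_name, key) and flags sensitive-looking variables set in cleartext. It assumes an env value may also be a plain string; the SENSITIVE pattern, the function names and the sample definition are constructed for illustration.

```python
import re

# Assumption: variable names matching this pattern should come from a secret.
SENSITIVE = re.compile(r"(SECRET|TOKEN|PASSWORD|PASSWD|API_?KEY|CREDENTIAL)", re.I)

def check_secret_ref(ref):
    """Return problems with a {"secret_name": ..., "key": ...} reference."""
    problems = []
    name = ref.get("secret_name")
    if not isinstance(name, str) or not name:
        problems.append("secret_name is required and must be a non-empty string")
    if ref.get("key") is not None and not isinstance(ref["key"], str):
        problems.append("key must be a string when present")
    # Only secret_name and key are documented; anything else is likely a typo.
    extra = sorted(set(ref) - {"secret_name", "key"})
    if extra:
        problems.append("unexpected fields: " + ", ".join(extra))
    return problems

def audit_env(process_spec):
    """Return (env_name, finding) pairs for a parsed process definition."""
    findings = []
    for entry in process_spec.get("container", {}).get("env", []):
        name, value = entry.get("name", "<unnamed>"), entry.get("value")
        if isinstance(value, dict):
            findings += [(name, p) for p in check_secret_ref(value)]
        elif SENSITIVE.search(name):
            # Assumption: a non-object value is a literal passed in cleartext.
            findings.append((name, "sensitive-looking variable set to a cleartext literal"))
    return findings

# Constructed sample input, modelled on the process definition above.
SAMPLE = {
    "process_name": "my-process",
    "container": {
        "image_uri": "foo/bar",
        "env": [
            {"name": "ULTRA_SECRET_THINGY", "value": {"secret_name": "ultra-secret"}},
            {"name": "DB_PASSWORD", "value": {"secret_name": "db-creds", "key": "password"}},
            {"name": "API_TOKEN", "value": "constructed-cleartext-value"},
            {"name": "BROKEN_REF", "value": {"key": "password"}},
            {"name": "LOG_LEVEL", "value": "debug"},
        ],
    },
}

if __name__ == "__main__":
    for env_name, finding in audit_env(SAMPLE):
        print(f"{env_name}: {finding}")
```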