CRUD

The CRUD methods are used to create, read, update and delete secrets. There are two ways to use them. The first is through the SDK and the second is through the Project object. The syntax is the same for all CRUD methods. If you want to manage secrets from the project, you can use the Project object and avoid to specify the project parameter. In this last case, you need to specify every parameter as keyword argument.

A secret entity can be managed with the following methods.

Create:

new_secret

Read:

get_secret
get_secret_versions
import_secret
list_secrets

Update:

update_secret

Delete:

delete_secret

Create

You can create a secret with the new_secret().

New

This function create a new entity and saves it into the backend.

`new_secret`

Parameters:

Name	Type	Description	Default
`project`	`str`	Project name.	required
`name`	`str`	Object name.	required
`uuid`	`str`	ID of the object (UUID4, e.g. 40f25c4b-d26b-4221-b048-9527aff291e2).	`None`
`description`	`str`	Description of the object (human readable).	`None`
`labels`	`list[str]`	List of labels.	`None`
`embedded`	`bool`	Flag to determine if object spec must be embedded in project spec.	`True`
`secret_value`	`str`	Value of the secret.	`None`
`**kwargs`	`dict`	Spec keyword arguments.	`{}`

Returns:

Type	Description
`Secret`	Object instance.

Examples:

>>> obj = new_secret(project="my-project",
>>>                  name="my-secret",
>>>                  secret_value="my-secret-value")

Read

To read secrets you can use the get_secret(), get_secret_versions(), list_secrets() or import_secret() functions.

Get

This function searches for a single secret into the backend. If you want to collect a secret from the backend using get_secret(), you have two options:

The first one is to use the key parameter which has the pattern store://<project-name>/<entity-type>/<entity-kind>/<entity-name>:<entity-id>.
The second one is to use the entity name as identifier, the project name as project and the entity id as entity_id parameters. If you do not specify the entity id, you will get the latest version.

`get_secret`

Parameters:

Name	Type	Description	Default
`identifier`	`str`	Entity key (store://...) or entity name.	required
`project`	`str`	Project name.	`None`
`entity_id`	`str`	Entity ID.	`None`
`**kwargs`	`dict`	Parameters to pass to the API call.	`{}`

Returns:

Type	Description
`Secret`	Object instance.

Examples:

Using entity key:

>>> obj = get_secret("store://my-secret-key")

Using entity name:

>>> obj = get_secret("my-secret-name"
>>>                  project="my-project",
>>>                  entity_id="my-secret-id")

Get versions

This function returns all the versions of a secret from the backend.

`get_secret_versions`

Parameters:

Name	Type	Description	Default
`identifier`	`str`	Entity key (store://...) or entity name.	required
`project`	`str`	Project name.	`None`
`**kwargs`	`dict`	Parameters to pass to the API call.	`{}`

Returns:

Type	Description
`list[Secret]`	List of object instances.

Examples:

Using entity key:

>>> objs = get_secret_versions("store://my-secret-key")

Using entity name:

>>> objs = get_secret_versions("my-secret-name",
>>>                            project="my-project")

List

This function returns all the latest secrets from the backend related to a project.

`list_secrets`

Parameters:

Name	Type	Description	Default
`project`	`str`	Project name.	required
`**kwargs`	`dict`	Parameters to pass to the API call.	`{}`

Returns:

Type	Description
`list[Secret]`	List of object instances.

Examples:

>>> objs = list_secrets(project="my-project")

Import

This function load the secret from a local yaml file descriptor.

`import_secret`

Parameters:

Name	Type	Description	Default
`file`	`str`	Path to YAML file.	required

Returns:

Type	Description
`Secret`	Object instance.

Examples:

>>> obj = import_secret("my-secret.yaml")

Update

To update a secret you can use the update_secret() method.

`update_secret`

Parameters:

Name	Type	Description	Default
`entity`	`Secret`	Object to update.	required

Returns:

Type	Description
`Secret`	Entity updated.

Examples:

>>> obj = update_secret(obj)

Delete

To delete a secret you can use the delete_secret() method.

`delete_secret`

Parameters:

Name	Type	Description	Default
`identifier`	`str`	Entity key (store://...) or entity name.	required
`project`	`str`	Project name.	`None`
`entity_id`	`str`	Entity ID.	`None`
`delete_all_versions`	`bool`	Delete all versions of the named entity. If True, use entity name instead of entity key as identifier.	`False`
`**kwargs`	`dict`	Parameters to pass to the API call.	`{}`

Returns:

Type	Description
`dict`	Response from backend.

Examples:

If delete_all_versions is False:

>>> obj = delete_secret("store://my-secret-key")

Otherwise:

>>> obj = delete_secret("my-secret-name"
>>>                     project="my-project",
>>>                     delete_all_versions=True)