Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Define Secret type #1546

Merged
merged 1 commit into from
Apr 9, 2024
Merged

Define Secret type #1546

merged 1 commit into from
Apr 9, 2024

Conversation

mattt
Copy link
Contributor

@mattt mattt commented Feb 24, 2024
edited
Loading

This PR defines a new Secret type in Cog's Python package, which model authors can use to signify that an input holds sensitive information (like a password or API token).

The Secret type inherits from Pydantic's SecretStr:

You can use the SecretStr and the SecretBytes data types for storing sensitive information that you do not want to be visible in logging or tracebacks. SecretStr and SecretBytes can be initialized idempotently or by using str or bytes literals respectively. The SecretStr and SecretBytes will be formatted as either '**********' or '' on conversion to json.

from cog import BasePredictor, Secret


class Predictor(BasePredictor):
    def predict(self, secret: Secret) -> None:
        # Prints '**********'
        print(secret)        

        # Use get_secret_value method to see the secret's content.
        print(secret.get_secret_value())

A predictor's Secret inputs are represented in OpenAPI with the following schema:

{
  "type": "string",
  "format": "password",
  "x-cog-secret": true,
}

Replicate will treat secret inputs differently throughout its system. For example, a prediction on Replicate will redact secret values in its JSON representation and log lines.

@mattt mattt force-pushed the mattt/secrets branch 3 times, most recently from 3ae5d52 to 2c1f02c Compare February 24, 2024 11:14
@mattt mattt marked this pull request as ready for review February 24, 2024 11:39
@mattt mattt requested review from a team February 24, 2024 11:40
@technillogue
Copy link
Contributor

what I really like about this is that it gives us to flexibility to potentially only redact and not store prediction secrets

@mattt
Define Secret type
880e8ae 
Signed-off-by: Mattt Zmuda <mattt@replicate.com>
@mattt mattt merged commit 783c2a0 into main Apr 9, 2024
15 checks passed
@mattt mattt deleted the mattt/secrets branch April 9, 2024 11:15
@BrewTestBot BrewTestBot mentioned this pull request May 6, 2024
Merged
mattt added a commit that referenced this pull request May 31, 2024
@mattt
Define Secret type (#1546)
5733673 
Signed-off-by: Mattt Zmuda <mattt@replicate.com>
@mattt mattt mentioned this pull request May 31, 2024
Closed
mattt added a commit that referenced this pull request May 31, 2024
@mattt
Define Secret type (#1546)
d4749f0 
Signed-off-by: Mattt Zmuda <mattt@replicate.com>
mattt added a commit that referenced this pull request May 31, 2024
@mattt
Backport Secret type to async branch (#1706)
8dc4890 
* Define Secret type (#1546)

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

* Fix linter errors (#1691)

* ruff --fix

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

* Update ruff pyproject settings

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

* Update ruff lint command in Makefile

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

---------

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

* Run ruff --fix python

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

---------

Signed-off-by: Mattt Zmuda <mattt@replicate.com>
@mattt mattt mentioned this pull request Jun 7, 2024
Merged
technillogue pushed a commit that referenced this pull request Jun 19, 2024
@mattt @technillogue
Backport Secret type to async branch (#1706)
a45bff0 
* Define Secret type (#1546)

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

* Fix linter errors (#1691)

* ruff --fix

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

* Update ruff pyproject settings

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

* Update ruff lint command in Makefile

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

---------

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

* Run ruff --fix python

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

---------

Signed-off-by: Mattt Zmuda <mattt@replicate.com>
technillogue pushed a commit that referenced this pull request Jun 19, 2024
@mattt @technillogue
Backport Secret type to async branch (#1706)
6d9bbc0 
* Define Secret type (#1546)

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

* Fix linter errors (#1691)

* ruff --fix

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

* Update ruff pyproject settings

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

* Update ruff lint command in Makefile

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

---------

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

* Run ruff --fix python

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

---------

Signed-off-by: Mattt Zmuda <mattt@replicate.com>
Signed-off-by: technillogue <technillogue@gmail.com>
technillogue pushed a commit that referenced this pull request Jun 19, 2024
@mattt @technillogue
Backport Secret type to async branch (#1706)
ae63067 
* Define Secret type (#1546)

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

* Fix linter errors (#1691)

* ruff --fix

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

* Update ruff pyproject settings

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

* Update ruff lint command in Makefile

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

---------

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

* Run ruff --fix python

Signed-off-by: Mattt Zmuda <mattt@replicate.com>

---------

Signed-off-by: Mattt Zmuda <mattt@replicate.com>
Signed-off-by: technillogue <technillogue@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@technillogue technillogue technillogue approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mattt @technillogue