Metadata-Version: 2.1
Name: settus
Version: 0.0.5
Summary: Settings management using Pydantic, with ability to retrieve cloud secrets.
Author-email: Olivier Soucy <olivier.soucy@okube.ai>
License: MIT
Project-URL: Homepage, https://github.com/opencubes-ai/settus
Project-URL: Bug Tracker, https://github.com/opencubes-ai/settus/issues
Keywords: one,two
Classifier: Programming Language :: Python :: 3
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Requires-Python: >=3.9
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: pydantic-settings>=2.0
Provides-Extra: dev
Requires-Dist: black; extra == "dev"
Requires-Dist: twine; extra == "dev"
Provides-Extra: test
Requires-Dist: pytest; extra == "test"
Requires-Dist: pytest-cov; extra == "test"
Provides-Extra: azure
Requires-Dist: azure-identity; extra == "azure"
Requires-Dist: azure-keyvault; extra == "azure"
Provides-Extra: aws
Requires-Dist: boto3; extra == "aws"
Provides-Extra: gcp
Provides-Extra: databricks

# Settus

Settings management using Pydantic Settings and extended to secrets from Azure Keyvault, Databricks secrets [IN PROGRESS], AWS Secrets Manager and GCP Secrets Manager [IN PROGRESS]

## Okube Company

Okube is committed to develop open source data engineering and ML engineering tools. Contributions are more than welcome.


## Installation

Install using `pip install -U settus[{cloud_provider}]` where `{cloud_provider}` is the cloud provider(s) you want to fetch secrets from. Possible options are:
- azure
- aws
- gcp
- databricks

## Getting started

Settus uses [Pydantic Settings management](https://docs.pydantic.dev/latest/usage/pydantic_settings/) as its foundation. In addition, it defines the settings sources mentioned below to fetch secrets from cloud providers. The default priority order is as follows:
- Init Settings
- Environment variables 
- Azure KeyVault
- AWS Secrets Manager
- GCP Secrets Manager
- Databricks secrets

In other words, if a setting is not available from the initialization or from an environment variable, it wil sequentially lookup the field name (or aliases) in the other available sources. 

### Azure Key Vault
By providing the `keyvault_url` to the `SettingsConfigDict` or to a given field. The keyvault credentials can also be provided. Otherwise, the [DefaultAzureCredential](https://learn.microsoft.com/en-us/python/api/overview/azure/identity-readme?view=azure-python) is used. Similarly to environment variables, aliases may be used to set the key of the secrets.

### AWS Secrets Manager
TODO

### GCP Secrets Manager
TODO

### Databricks Secrets
TODO

## A Simple Example

```py
import os
from settus import BaseSettings
from settus import Field

KEYVAULT_URL = "https://my-keyvault.vault.azure.net/"
AWS_SECRET_NAME = "vault"

os.environ["MY_ENV"] = "my_value"

class Settings(BaseSettings):
    # Value from environment variable "MY_ENV"
    my_env: str = Field(default="undefined")
    
    # Value from the Azure keyvault named `my-keyvault` with secret key `my-secret` 
    my_azure_secret: str = Field(default="undefined", alias="my-secret", keyvault_url=KEYVAULT_URL)
    
    # Value from the secret named `vault` in AWS secrets manager and having the secret key `my-secret`
    my_aws_secret: str = Field(default="undefined", alias="my-secret", aws_secret_name=AWS_SECRET_NAME)

settings = ()
print(settings.my_env)
#> my_value
print(settings.my_azure_secret)
#> secret_sauce
print(settings.my_aws_secret)
#> secret_sauce
```

## Configuration Dict Example

When multiple settings share the same keyvault or aws secret, a global setting may be defined.
In this case, Azure Keyvault will be called (assuming proper credentials are available) and if
no value has been found, it will fallback on AWS Secrets. Changing the order of priorities is
possible as described [here](https://docs.pydantic.dev/latest/usage/pydantic_settings/#changing-priority).

```py
import os
from settus import BaseSettings
from settus import Field
from settus import SettingsConfigDict

KEYVAULT_URL = "https://my-keyvault.vault.azure.net/"
AWS_SECRET_NAME = "vault"

os.environ["MY_ENV"] = "my_value"

class Settings(BaseSettings):
    model_config = SettingsConfigDict(keyvault_url=KEYVAULT_URL, aws_secret_name=AWS_SECRET_NAME)
    my_env: str = Field(default="undefined")
    my_azure_secret: str = Field(default="undefined", alias="my-secret")
    my_aws_secret: str = Field(default="undefined", alias="my-secret")

settings = ()
print(settings.my_env)
#> my_value
print(settings.my_azure_secret)
#> secret_sauce
print(settings.my_aws_secret)
#> secret_sauce
```

## Contributing

TODO

## Reporting a Security Vulnerability

TODO
