Using secrets in workers

    Accessing secrets in the API🔗

    Since Arkindex 0.14.2, an API endpoint is available to retrieve secrets called RetrieveSecret. The endpoint cannot be accessed by regular users, but machine learning workers and administrators can use it.

    Declaring secrets in workers🔗

    Declaring a secret in your worker allows our base worker package to retrieve the secret for you, and causes it to fail when the secret is missing from the Arkindex instance.

    To declare a secret🔗

    1. Add the secret's name to the secrets section of a worker in the .arkindex.yml file:

      ---
      version: 2
      type: worker
      
      workers:
       - slug: my_worker
         name: My nice worker
         docker:
           build: Dockerfile
         configuration:
           threshold: 21.3
      
         # Declare your secrets as below, only specifying their name
         secrets:
           - project/tool/credentials.json
      

    For more information on the .arkindex.yml file, see YAML configuration.

    Accessing secrets in Python code🔗

    Declared secrets will be made available to Worker classes as the self.secrets attribute, a Python dict mapping secret names to unencrypted secret content.

    To access a secret in Python code🔗

    1. Anywhere in the code, use self.secrets["my_secret_name"], where my_secret_name is the name of the secret.