The Delinea DevOps Secrets Vault (DSV) Python SDK contains classes that interact with the DSV REST API.
python -m pip install python-dsv-sdk
There are two ways in which you can authorize the SecretsVault class to fetch secrets.
PasswordGrantAuthorizer)AccessTokenAuthorizer)If using a traditional client_id and a client_secret to authenticate in to your DevOps Secrets Vault, you can pass the PasswordGrantAuthorizer into the SecretsVault class at instantiation. The PasswordGrantAuthorizer requires a base_url, username, and password. It optionally takes a token_path_uri, but defaults to /v1/token.
from delinea.secrets.vault import PasswordGrantAuthorizer
authorizer = PasswordGrantAuthorizer("https://mytenant.secretsvaultcloud.com/", "my_client_id", "my_client_secret")
If you already have a valid access_token, you can pass directly via the AccessTokenAuthorizer.
from delinea.secrets.vault import AccessTokenAuthorizer
authorizer = AccessTokenAuthorizer("YgJ1slfZs8ng9bKsRsB-tic0Kh8I...")
Instantiate SecretsVault by passing your base_url and Authorizer as arguments:
from delinea.secrets.vault import SecretsVault
vault = SecretsVault("https://mytenant.secretsvaultcloud.com/", authorizer)
Secrets can be fetched using the get_secret method, which takes the secret_path of the secret and returns a json object. Alternatively, you can use pass the json to VaultSecret which returns a dataclass object representation of the secret:
from delinea.secrets.vault import VaultSecret
secret = VaultSecret(**vault.get_secret("/test/secret"))
print(f"username: {secret.data['username']}\npassword: {secret.data['password']}")
When using a self-signed certificate for SSL, the REQUESTS_CA_BUNDLE environment variable should be set to the path of the certificate (in .pem format). This will negate the need to ignore SSL certificate verification, which makes your application vunerable. Please reference the requests documentation for further details on the REQUESTS_CA_BUNDLE environment variable, should you require it.
The SDK requires Python 3.7 or higher.
Assuming that you have a supported version of Python installed, you can clone this repository and set up your environment with:
# Clone the repo
git clone https://github.com/DelineaXPM/python-dsv-sdk
cd python-dsv-sdk
# Create a virtual environment
python -m venv venv
. venv/bin/activate
# Install dependencies
python -m pip install --upgrade pip
pip install -r requirements.txt
Valid credentials are required to run the unit tests. The credentials should be stored in environment variables or in a .env file:
export DSV_CLIENT_ID=""
export DSV_CLIENT_SECRET=""
export DSV_BASE_URL="https://my.secretsvaultcloud.com/"
The tests assume that the client associated with the specified CLIENT_ID can read the secret with the path /test/sdk/simple.
Note: The secret path can be changed manually in
test_server.pyto a secret path that the client can access.
To run the tests with tox:
tox
To build the package, use Flit:
flit build
FAQs
The Delinea DevOps Secret Vault Python SDK
We found that python-dsv-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Malicious Go packages are impersonating popular libraries to install hidden loader malware on Linux and macOS, targeting developers with obfuscated payloads.
Security News
Bybit's $1.46B hack by North Korea's Lazarus Group pushes 2025 crypto losses to $1.6B in just two months, already surpassing all of 2024's $1.49B total.
Security News
OpenSSF has published OSPS Baseline, an initiative designed to establish a minimum set of security-related best practices for open source software projects.