### Install pydantic-settings-sops Source: https://github.com/pavelzw/pydantic-settings-sops/blob/main/README.md Provides commands to install the pydantic-settings-sops package using pip or pixi. Pip is the standard Python package installer, while pixi is a package and environment manager. ```bash pip install pydantic-settings-sops ``` ```bash pixi add pydantic-settings-sops ``` -------------------------------- ### Development Installation and Testing with Pixi Source: https://github.com/pavelzw/pydantic-settings-sops/blob/main/README.md Details the steps for setting up the project in a development environment using pixi. This includes cloning the repository, installing development dependencies, and running tests. ```bash git clone https://github.com/pavelzw/pydantic-settings-sops cd pydantic-settings-sops pixi run pre-commit-install pixi run postinstall pixi run test ``` -------------------------------- ### Combine SOPS with Environment Variables and .env Files Source: https://context7.com/pavelzw/pydantic-settings-sops/llms.txt Illustrates combining SOPS-encrypted secrets with other settings sources like environment variables and `.env` files using `pydantic-settings`. This example demonstrates custom precedence for maximum flexibility in configuration management. ```python from pydantic_settings import ( BaseSettings, PydanticBaseSettingsSource, SettingsConfigDict, ) from pydantic_settings_sops import SOPSConfigSettingsSource class HybridSettings(BaseSettings): """Combine SOPS secrets with environment variables.""" model_config = SettingsConfigDict( yaml_file="secrets.yaml", env_prefix="APP_", ) # Secrets from SOPS file database_password: str api_token: str # Runtime config from environment database_host: str = "localhost" log_level: str = "INFO" @classmethod def settings_customise_sources( cls, settings_cls: BaseSettings, init_settings: PydanticBaseSettingsSource, env_settings: PydanticBaseSettingsSource, dotenv_settings: PydanticBaseSettingsSource, file_secret_settings: PydanticBaseSettingsSource, ) -> tuple[PydanticBaseSettingsSource, ...]: # Precedence: init > env > SOPS file return ( init_settings, env_settings, SOPSConfigSettingsSource(settings_cls), ) # secrets.yaml contains database_password and api_token # APP_DATABASE_HOST=db.example.com overrides the default # APP_LOG_LEVEL=DEBUG overrides the default settings = HybridSettings() print(f"Host: {settings.database_host}, Level: {settings.log_level}") # Output: Host: db.example.com, Level: DEBUG ``` -------------------------------- ### Configure Pydantic Settings with SOPS Source Source: https://github.com/pavelzw/pydantic-settings-sops/blob/main/README.md Demonstrates how to integrate the SOPSConfigSettingsSource into Pydantic's settings customization. This allows Pydantic to load settings from SOPS encrypted YAML files. It requires `pydantic-settings` and `pydantic-settings-sops`. ```python from pydantic_settings import ( BaseSettings, PydanticBaseSettingsSource, SettingsConfigDict, ) from pydantic_settings_sops import SOPSConfigSettingsSource class SettingsExample(BaseSettings): model_config = SettingsConfigDict( yaml_file="secrets.yaml" ) foobar: str @classmethod def settings_customise_sources( cls, settings_cls: BaseSettings, init_settings: PydanticBaseSettingsSource, env_settings: PydanticBaseSettingsSource, dotenv_settings: PydanticBaseSettingsSource, file_secret_settings: PydanticBaseSettingsSource, ) -> tuple[PydanticBaseSettingsSource, ...]: return (init_settings, SOPSConfigSettingsSource(settings_cls)) ``` -------------------------------- ### Load JSON SOPS Files with pydantic-settings Source: https://context7.com/pavelzw/pydantic-settings-sops/llms.txt Demonstrates loading settings from a SOPS-encrypted JSON file using `pydantic-settings-sops`. The `json_file` option in `SettingsConfigDict` specifies the configuration file. This method is suitable for managing sensitive credentials securely. ```python from pydantic_settings import ( BaseSettings, PydanticBaseSettingsSource, SettingsConfigDict, ) from pydantic_settings_sops import SOPSConfigSettingsSource class CloudSettings(BaseSettings): """Settings loaded from SOPS-encrypted JSON file.""" model_config = SettingsConfigDict( json_file="cloud-credentials.json" ) aws_access_key_id: str aws_secret_access_key: str aws_region: str = "us-east-1" @classmethod def settings_customise_sources( cls, settings_cls: BaseSettings, init_settings: PydanticBaseSettingsSource, env_settings: PydanticBaseSettingsSource, dotenv_settings: PydanticBaseSettingsSource, file_secret_settings: PydanticBaseSettingsSource, ) -> tuple[PydanticBaseSettingsSource, ...]: return ( init_settings, SOPSConfigSettingsSource(settings_cls), ) # cloud-credentials.json (SOPS encrypted): # { # "aws_access_key_id": "AKIAIOSFODNN7EXAMPLE", # "aws_secret_access_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY" # } settings = CloudSettings() print(f"AWS Region: {settings.aws_region}") # Output: AWS Region: us-east-1 ``` -------------------------------- ### Override SOPS File Path Dynamically Source: https://context7.com/pavelzw/pydantic-settings-sops/llms.txt Shows how to bypass `model_config` and specify SOPS file paths directly when instantiating `SOPSConfigSettingsSource`. This is useful for dynamic configuration loading or testing, allowing the file path to be determined at runtime based on environment variables. ```python from pydantic_settings import ( BaseSettings, PydanticBaseSettingsSource, SettingsConfigDict, ) from pydantic_settings_sops import SOPSConfigSettingsSource class FlexibleSettings(BaseSettings): """Settings with dynamic file path selection.""" model_config = SettingsConfigDict() # No default file secret_key: str debug: bool = False @classmethod def settings_customise_sources( cls, settings_cls: BaseSettings, init_settings: PydanticBaseSettingsSource, env_settings: PydanticBaseSettingsSource, dotenv_settings: PydanticBaseSettingsSource, file_secret_settings: PydanticBaseSettingsSource, ) -> tuple[PydanticBaseSettingsSource, ...]: # Dynamically choose file based on environment import os env = os.getenv("APP_ENV", "development") yaml_path = f"config/{env}/secrets.yaml" return ( init_settings, SOPSConfigSettingsSource(settings_cls, yaml_file=yaml_path), ) # With APP_ENV=production, loads config/production/secrets.yaml settings = FlexibleSettings() ``` -------------------------------- ### Load Multiple SOPS Encrypted Files into Pydantic Settings (Python) Source: https://context7.com/pavelzw/pydantic-settings-sops/llms.txt Illustrates how to configure pydantic-settings to load values from multiple SOPS-encrypted YAML files. The `SOPSConfigSettingsSource` can accept a list of file paths, allowing for layered configurations where later files can override settings from earlier ones. ```python from pydantic_settings import ( BaseSettings, PydanticBaseSettingsSource, SettingsConfigDict, ) from pydantic_settings_sops import SOPSConfigSettingsSource class AppSettings(BaseSettings): """Settings from multiple SOPS files - later files override earlier ones.""" model_config = SettingsConfigDict( yaml_file=["secrets/base.yaml", "secrets/production.yaml"] ) api_key: str api_secret: str environment: str = "development" @classmethod def settings_customise_sources( cls, settings_cls: BaseSettings, init_settings: PydanticBaseSettingsSource, env_settings: PydanticBaseSettingsSource, dotenv_settings: PydanticBaseSettingsSource, file_secret_settings: PydanticBaseSettingsSource, ) -> tuple[PydanticBaseSettingsSource, ...]: return (init_settings, SOPSConfigSettingsSource(settings_cls)) # base.yaml contains: api_key, api_secret, environment: "development" # production.yaml contains: environment: "production" # Result: environment is "production", other values from base.yaml settings = AppSettings() print(f"Environment: {settings.environment}") # Output: Environment: production ``` -------------------------------- ### Load SOPS Encrypted YAML into Pydantic Settings (Python) Source: https://context7.com/pavelzw/pydantic-settings-sops/llms.txt Demonstrates how to use SOPSConfigSettingsSource to load secrets from a SOPS-encrypted YAML file into a Pydantic BaseSettings model. It overrides the default settings sources to include the SOPS source, ensuring encrypted secrets are automatically decrypted and available as typed attributes. ```python from pydantic_settings import ( BaseSettings, PydanticBaseSettingsSource, SettingsConfigDict, ) from pydantic_settings_sops import SOPSConfigSettingsSource class DatabaseSettings(BaseSettings): """Settings loaded from a SOPS-encrypted YAML file.""" model_config = SettingsConfigDict( yaml_file="secrets.yaml" ) db_host: str db_port: int = 5432 db_user: str db_password: str @classmethod def settings_customise_sources( cls, settings_cls: BaseSettings, init_settings: PydanticBaseSettingsSource, env_settings: PydanticBaseSettingsSource, dotenv_settings: PydanticBaseSettingsSource, file_secret_settings: PydanticBaseSettingsSource, ) -> tuple[PydanticBaseSettingsSource, ...]: # init_settings takes precedence, then SOPS file return (init_settings, SOPSConfigSettingsSource(settings_cls)) # Usage settings = DatabaseSettings() print(f"Connecting to {settings.db_host}:{settings.db_port}") # Output: Connecting to localhost:5432 # Override with init values settings_override = DatabaseSettings(db_host="production.example.com") print(f"Connecting to {settings_override.db_host}:{settings_override.db_port}") # Output: Connecting to production.example.com:5432 ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.