Skip to content

Set up credentials provider #44

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 15 commits into from
Jun 2, 2025
Merged

Set up credentials provider #44

merged 15 commits into from
Jun 2, 2025

Conversation

@DenisaCG
Copy link
Member

@DenisaCG DenisaCG commented May 28, 2025
edited
Loading

Set up the settings credentials provider for the extension and connect the secret inputs to the SecretsManager from jupyter-secrets-manager.

The credentials can be set by accessing Settings -> Settings Editor -> Credentials Provider and include the bucket name, region and endpoint, as well as an optional path to a directory within the bucket to act as root. The accessKeyID and secretAccessKey are considered secret fields and their inputs are connected to the SecretsManager from jupyter-secrets-manager.

Any changes made to the credentials are automatically saved and the drive file browser is updated, the update can take a few seconds to be visible. Every time a field is changed, a new Drive is instated with the new credentials. As the secret fields are not saved, when instating the Drive we fetch the secret values using the provided secret token.

The authFileBrowser plugin was updated to connect to the credentials provider settings. Currently, it first tries to fetch the settings and if they exist the factory returns them, otherwise it looks for the process.env environment variables, which can be used with the development version.

@DenisaCG DenisaCG self-assigned this May 28, 2025
@DenisaCG DenisaCG added the enhancement New feature or request label May 28, 2025
@DenisaCG DenisaCG marked this pull request as draft May 28, 2025 21:58
@DenisaCG DenisaCG marked this pull request as ready for review June 2, 2025 09:37
@DenisaCG
Copy link
Member Author

DenisaCG commented Jun 2, 2025

Hey @afshin, do you mind taking a look over the PR? Thanks!

@afshin afshin self-requested a review June 2, 2025 10:38
afshin
afshin reviewed Jun 2, 2025
View reviewed changes
afshin
afshin reviewed Jun 2, 2025
View reviewed changes
afshin
afshin approved these changes Jun 2, 2025
View reviewed changes
Copy link
Member

@afshin afshin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you! This looks good.

I think longer term we should have a discussion about the interaction between settings and secrets and how to minimize the risks involved in storing secrets, but that's outside the scope of this PR.

@DenisaCG
Copy link
Member Author

DenisaCG commented Jun 2, 2025

Thank you for the review! And I agree about a follow-up discussion on the secrets stored from the settings.

@DenisaCG DenisaCG merged commit c9dbe3a into main Jun 2, 2025
6 checks passed
@DenisaCG DenisaCG deleted the secretsManager branch June 2, 2025 20:06
@DenisaCG DenisaCG mentioned this pull request Jun 4, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@afshin afshin afshin approved these changes

Assignees

@DenisaCG DenisaCG

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@DenisaCG @afshin