Can you use Secrets as environment variable for use in requirements.txt?

Hello - I’d like to have my app use a python package from a private github repository that can be installed using a github access token. Can you use the Streamlit Cloud secrets manager to set environment variables for use in deploying the app?

What I’ve tried:

Running locally I can add the following line into my requirements.txt file:


and pip install -r requirements.txt will successfully expand the ${GITHUB_TOKEN} if the environment variable is set correctly to the secret key.

I can set the environment variable locally with:
export GITHUB_TOKEN=SecretTokenEnteredHere

To test on Streamlit Cloud I deployed the app and added the secret to the secret TOML file like this:

GITHUB_TOKEN = "<secret token entered here>"

Error Received:

But the app doesn’t successfully deploy and provides the following error in the logs.

Collecting git+https://****<ORGANIZATION_NAME>/<REPO_NAME>.git (from -r /app/streamlit-private-access-test/requirements.txt (line 4))

  Cloning https://****<ORGANIZATION_NAME>/<REPO_NAME>.git to /tmp/pip-req-build-8xuma8eh

  Running command git clone --filter=blob:none --quiet 'https://****<ORGANIZATION_NAME>/<REPO_NAME>.git' /tmp/pip-req-build-8xuma8eh

  fatal: could not read Password for 'https://${GITHUB_TOKEN}': No such device or address

  error: subprocess-exited-with-error

Unfortunately, I don’t think there is a way on streamlit cloud to add environment variables that are used when installing packages.

It’s not an ideal option, but could you copy and paste the code from the python package into your app’s repo itself?

1 Like

Thanks for the response!

Pulling the package in directly would get cumbersome to keep up to date as a separate copy of the code which is also in active development.

Perhaps I’ll see if I can get this to work on something like GCP App Engine. Thank you!

1 Like