Sorry Randy,
After reading this email again, I realized you answered the question I proposed, and it appears to be
“The Ultimate Question”.
Thanks again.
This topic is Closed, lol
Sorry Randy,
After reading this email again, I realized you answered the question I proposed, and it appears to be
“The Ultimate Question”.
Thanks again.
This topic is Closed, lol
Ok Randy,
Now that I the function with either a .info or a .file (method?)
Can I use the st.secrets to place the path of the. json file instead of having to populate all of the keys to the .toml format.
It would be a lot cleaner from download to function.
Your thoughts ?
Correction,
Ok Randy,
Now that I understand the function is with either a .info or a .file (method?)
Can I use the st.secrets to place the path of the .json file instead of having to populate all of the keys to the .toml format.
It would be a lot cleaner from download to function.
Your thoughts ?
No. The important distinction here is that the only way to have a file available is to commit it to the GitHub repo, but this makes your private keys available to the world.
So by placing them in the Streamlit Cloud secrets, we’re providing that information to the container that launches your app, allowing the Streamlit app to have the credentials locally but NOT have them published on GitHub.
Ok,
So the .Streamlit folder can only be a localhost folder, not a Github folder ?
Regards
You could make .streamlit
or any other folder available on GitHub, but that defeats the point of the API keys being secret.
On your local computer, it’s yours, so unless someone has access to your computer they can’t see the keys. For GitHub, you’re intentionally sharing the code publicly (to use the Community tier of Streamlit Cloud)
OK,
Thanks for all your help with this. It’s been a exciting learning curve.
I was thinking that even on GitHub the .Streamlit folder was not visible from a recent upload of the folder experience. I thought it prompted me from GitHub that this folder was invisible.
I must be mistaken and will check this out again. If it is invisible to the public, wouldn’t this idea of using the secret file pointing to this folder be a possible solution?
I could be wrong, but that’s what I recall.
Regards,
Davis Rogers M.S.M.E.
Class A BLD
Missed this detail. So even though to me it is invisible, on the public site it’s visible ? Ok
Hey Randy,
Not sure if this is a feasable idea, but I jist came across it and thougjt I would share. I would like your thougjts on using this approach.
[https://github.blog/2020-04-14-github-is-now-free-for-teams/](https://github.blog/2020-04-14-github-is-now-free-for-teams/)
Regards,
Yes, private repos helps, but isn’t the solution. The Streamlit Cloud community tier currently only allows deploying from public repos. So having a private repo would keep your keys from being public…but you can’t deploy on the free tier
But in general, you generally don’t want to copy credentials into the source code, even if it’s private. It’s better to have the credentials be injected into the app from a secure location.
Best,
Randy
Thanks Randy,
Appreciate your patience with me on this.
Now I can code with a clear objective and not Troubleshoot myself to no end, lol.
Regards,
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.
These cookies are necessary for the website to function and cannot be switched off. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us understand how visitors move around the site and which pages are most frequently visited.
These cookies are used to record your choices and settings, maintain your preferences over time and recognize you when you return to our website. These cookies help us to personalize our content for you and remember your preferences.
These cookies may be deployed to our site by our advertising partners to build a profile of your interest and provide you with content that is relevant to you, including showing you relevant ads on other websites.