in devai-api/app/api_utils.py [0:0]
def get_secret_value( secret_id: str) -> str:
"""Retrieves a secret value from Google Secret Manager.
Args:
secret_id: The ID of the secret to retrieve.
Returns:
The secret value as a string, or None if the secret is not found or the user lacks permission.
Raises:
EnvironmentError: if PROJECT_ID is not defined.
Exception: For any other unexpected error when getting the secret from the secret manager.
"""
try:
project_id = ensure_env_variable('PROJECT_ID')
logging.info("PROJECT_ID:", project_id)
client = secretmanager.SecretManagerServiceClient(
client_info=ClientInfo(user_agent=USER_AGENT)
)
name = f"projects/{project_id}/secrets/{secret_id}/versions/latest"
try:
response = client.access_secret_version(name=name)
payload = response.payload.data.decode("utf-8")
logging.info(f"Successfully retrieved secret ID: {secret_id} in project {project_id}")
return payload
except PermissionDenied as e:
logging.warning(f"Insufficient permissions to access secret {secret_id} in project {project_id}: {e}")
return None
except NotFound:
logging.info(f"Secret ID not found: {secret_id} in project {project_id}")
return None
except Exception as e: # Catching a broader range of potential errors
logging.error(f"An unexpected error occurred while retrieving secret '{secret_id}': {e}")
return None
except EnvironmentError as e:
logging.error(e)