Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

secret references not recognized inside of Jupyter notebook (.ipynb) #192

Open
rdhyee opened this issue Dec 1, 2023 · 7 comments
Open

secret references not recognized inside of Jupyter notebook (.ipynb) #192

rdhyee opened this issue Dec 1, 2023 · 7 comments
Labels
enhancement New feature or request

Comments

@rdhyee
Copy link

rdhyee commented Dec 1, 2023

In my experience, 1Password secret references (https://developer.1password.com/docs/cli/secrets-reference-syntax/) are not being recognized in the context of Jupyter notebooks by the op-vscode -- even I see the secret reference being recognized in .py files for example. For example:

image

In contrast:

image

I'm tempted to run vscode under the 1Password cli (op) directly with op run code to work around this problem, but I understand that this might be the most secure thing to do. Is that true?

Are others having the problem of secret references not working inside of a .ipynb context?
@maxcohen55
Copy link

Same here 👍
Any updates on this?

@ApprenticeofEnder
Copy link

I have confirmation on this as well. I'll see if I can look into it!

@ApprenticeofEnder
Copy link

Not sure if this is a clue, but I took a look at the concatenated output of a Jupyter notebook.
However, looking at the concatenated output of a Notebook file reveals this:

$ cat jupyter_test.ipynb 
{
<--SNIP-->
    "source": [
        "API_USERNAME = \"op://Work/TestCreds/username\""
    ]
<--SNIP-->

Interesting. I thought the escaped quotes were interfering, but no, the regex doesn't need the quotation marks. Still, maybe it was reading out the file as it was on disk?

I converted the .ipynb into a JSON file, since that's literally the format it was in:

cat jupyter_test.ipynb > json_test.json

And would you look at that. It recognizes the thing in JSON!

JSON Evidence

I have a feeling this is something to do with how Jupyter noteboks are rendered in VSCode. Would need some further digging.

@ApprenticeofEnder
Copy link

I've also discovered that VSCode supports formatting of notebooks. Wonder if we can hook into similar behaviour.

Formatter Action source code

@jodyheavener
Copy link
Member

Hey all, thanks for raising this issue. We currently have parsers that work with JSON, YAML, and ENV syntax, and then a more general-purpose parser for other text-based formats. I am going to look further into this, but I believe the issue is that Jupyter format is not a regular text-based format and will require a special parser. Adding a feature request label to hopefully have this investigated further. Thank you!

@jodyheavener jodyheavener added the enhancement New feature or request label May 23, 2024
@flyback-rs
Copy link

flyback-rs commented Dec 18, 2024
edited
Loading

Since it's been a long time and no news on this

SUPER_SECRET_API_KEY = !op read "op://Vault/shitty-ai-company/credential" # type: ignore

Works for me in the meantime and isn't the worst hack.

@RENSAAS
Copy link

RENSAAS commented Jan 28, 2025

typev
SUPER_SECRET_API_KEY =laptop Vault

Important

EE: 0x0080,.×_Ω

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@rdhyee @jodyheavener @ApprenticeofEnder @maxcohen55 @flyback-rs @RENSAAS