You may want to use API keys, passwords or other sensitive information in your app, but you don’t want them stored in your code. If this is the case, it’s best to make use of Secrets. Secrets are stored encrypted (256-bit Advanced Encryption Standard (AES)) and are only decrypted when your app is run.

Secrets are shared across all apps in your project.

Adding a Secret will make the value available to your app as an environment variable.

Secrets are loaded on container startup. If you update a Secret, it will not take effect until your app container restarts.

def predict(run_id):

    print(f"Run ID: {run_id}")

    HF_TOKEN = os.environ.get("HF_TOKEN")
    logger.info("HF_TOKEN: " + HF_TOKEN)

    return {"result": f"Your HF_TOKEN is {HF_TOKEN}"}

Secrets are stored as a string so if your secret is a JSON payload or similar please remember to convert it to the correct format using something such as json.loads(os.environ.get(“MY_JSON_SECRET”)).

Managing Secrets

Secrets are created, updated and deleted in your dashboard.

Secrets are loaded on model start, you will need to wait for your app container to restart, or deploy your app before the new secret is available.

Local Development

When developing locally, you can use an .env file to store your secrets. Later the secrets from that file can be added to your project from the dashboard.

import os
from dotenv import load_dotenv

load_dotenv()

HF_TOKEN = os.environ.get("HF_TOKEN")
Customizing the Cortex RuntimeMulti-GPU Inferencing