Add Kaggle Secrets documentation#1131
Conversation
Expose Kaggle Secrets usage in the CLI documentation to help users avoid hardcoding sensitive credentials in their notebooks. Added a new section "Using Secrets in Kernels" to docs/kernels.md and linked to it from docs/README.md. TAG=agy CONV=2a820637-152b-46a6-9a45-e29918f1e322
|
I think GitHub is flakey. There's nothing to build in this PR, so that check shouldn't fail. Re-running it just fires off a branch run, which succeeds. |
| * [Datasets](./datasets.md): Search, download, and manage Kaggle datasets. | ||
| * [Forums](./forums.md): Browse and read Kaggle discussion forums. | ||
| * [Kernels](./kernels.md): Interact with Kaggle Kernels (notebooks and scripts). | ||
| * [Kernels](./kernels.md): Interact with Kaggle Kernels (notebooks and scripts). Includes information on using [Kaggle Secrets](./kernels.md#using-secrets-in-kernels). |
There was a problem hiding this comment.
Is this necessary? We don't highlight the other sections.
There was a problem hiding this comment.
We should either have secrets mentioned here or listed as its own top-level item. I think this is fine, given our limitations on usage (only for notebooks run on kaggle.com).
|
|
||
| ## Using Secrets in Kernels | ||
|
|
||
| If your kernel needs to access sensitive information (like API keys or passwords) without exposing them in your code, you should use **Kaggle Secrets**. |
There was a problem hiding this comment.
Maybe you should highlight that secrets can't be defined via the CLI and you must define them in the notebook editor.
But I think what we really want is to have CLI support.
Is there a way to attach / detach a secret from the notebook using the CLI? Should we add one? (e.g. Should the kernels-metadata.json have a list of secrets to attach)
Should we add a way to set / delete secrets from the CLI? e.g. kaggle kernels secrets set HUGGING_FACE_HUB_TOKEN myTokenXyzValue.
The flow would be you create a secret with kaggle kernels secrets set KEY VALUE command. Then, you can add secrets = ['KEY'] in the kernels metadata.
There was a problem hiding this comment.
CLI support is an interesting idea to consider for V3, assuming that gets scheduled.
Maybe you should highlight that secrets can't be defined via the CLI and you must define them in the notebook editor.
Isn't that already done?
There was a problem hiding this comment.
We don't necessarily need a V3 to support secrets given it is additive and non-breaking. But agree that this outside the scope of a fixit. Can you file a bug?
re: highlight
I agree it is implicit given the instructions mention using the kernel but given this is the CLI doc, I could see a user quickly skimming though may be confused because they are looking for the CLI command for secrets. I would consider adding at the top of this section: "Note: secrets are not supported by the CLI and you must use the Kernel editor". I will leave it up to you.
There was a problem hiding this comment.
Fair point. I adjust the wording a bit.
Expose Kaggle Secrets usage in the CLI documentation to help users avoid hardcoding sensitive credentials in their notebooks.
Added a new section "Using Secrets in Kernels" to docs/kernels.md and linked to it from docs/README.md.
TAG=agy
CONV=2a820637-152b-46a6-9a45-e29918f1e322
Fixes ##408