Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AzureKeyVaultSettingsSource ignoring SettingsSource Priority #412

Closed
DavidRR-F opened this issue Sep 19, 2024 · 3 comments · Fixed by #415
Closed

AzureKeyVaultSettingsSource ignoring SettingsSource Priority #412

DavidRR-F opened this issue Sep 19, 2024 · 3 comments · Fixed by #415
Labels
bug Something isn't working

Comments

@DavidRR-F
Copy link

I am trying to use the AzureKeyVaultSettingSource in my BaseSettings class configuration as specified in the docs.

I am running into an issue were, if I have an environment variable referenced in the class whose key is defined with an underscore FOO_BAR, a SettingsError as thrown by AzureKeyVaultSetttingSource rather than the key value being initialized by the env_settings which is configured to have a higher priority.

I know azure keyvault does not support underscores in secret names so this is most likely the source of the error, but I figured that source priority would initialize the environment variables first so the azure source would not try and grab that value.

Example:

python==3.10
pydantic-settings==2.5.2
pydantic==2.9.2
azure-identity==1.17.1

from pydantic_settings import (
    AzureKeyVaultSettingsSource,
    BaseSettings,
    PydanticBaseSettingsSource
)
from pydantic import Field, computed_field
from azure.identity import DefaultAzureCredential
from typing import Tuple, Type
import os

class Settings(BaseSettings):
    FOO: str # azure key vault value
    FOO_BAR: str # environment variable

    @classmethod
    def settings_customise_sources(
        cls,
        settings_cls: Type[BaseSettings],
        init_settings: PydanticBaseSettingsSource,
        env_settings: PydanticBaseSettingsSource,
        dotenv_settings: PydanticBaseSettingsSource,
        file_secret_settings: PydanticBaseSettingsSource,
    ) -> Tuple[PydanticBaseSettingsSource, ...]:
        az_key_vault_settings = AzureKeyVaultSettingsSource(
            settings_cls,
            os.environ.get("AZURE_KEY_VAULT_URL"),
            DefaultAzureCredential(),
        )
        return (
            init_settings,
            env_settings,
            dotenv_settings,
            file_secret_settings,
            az_key_vault_settings,
        )

settings = Settings()

print(setting.FOO, setting.FOO_BAR)

Error

Settings Error: pydantic_settings.sources.SettingsError: error getting value for field "FOO_BAR" from source "AzureKeyVaultSettingsSource"

Have I misconfigured/misunderstood something?

Does each setting iterate through each key independantly regardless of priority?

Thanks in advance! 😊
@hramezani hramezani mentioned this issue Sep 20, 2024
Merged
@hramezani
Copy link
Member

Thanks @DavidRR-F for reporting this issue.

Does each setting iterate through each key independantly regardless of priority?

Yes, this is the way pydantic-settings works.

I think the source of the problem is

pydantic-settings/pydantic_settings/sources.py

Lines 2035 to 2038 in 7e7ccdb

try:
self._loaded_secrets[key] = self._secret_client.get_secret(key).value
except ResourceNotFoundError: # type: ignore
raise KeyError(key)

I created #415 to fix the problem. Can you confirm the fix?

@hramezani hramezani added bug Something isn't working and removed unconfirmed labels Sep 20, 2024
@DavidRR-F
Copy link
Author

Great! I have tested, yes this resolves the issue

@hramezani
Copy link
Member

Thank you for your quick feedback! I merged the PR and it will be released in the next release.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix AzureKeyVaultSettingsSource problem in case of field with underscore pydantic/pydantic-settings
3 participants
@hramezani @dmontagu @DavidRR-F