I have set up a sagemaker studio , opened a terminal and cloned a project from gitlab repo, over https.
git clone https://somegilaburl/project
I dont' have access to save ssh keys, so i want to save my credentials as aws secret in secrets manager and use that from a jupyter notebook (not just terminal), to issue git pull/push commands. are there any examples of how to do this from a jupyter notebook?
Here's an example of achieving this through Lifecycle scripts:
## Parameters # your git provider, e.g. github.com GIT_PROVIDER="github.com" GIT_USERNAME="<provide your username here>" AWS_REGION="us-west-2" # Secret name stored in AWS Secrets Manager AWS_SECRET_NAME="my-git-credentials" # Secret key name inside the secret AWS_SECRET_KEY="github.com" ## Script Body PYTHON_EXEC=$(command -v python) cat > ~/.aws-credential-helper.py <<EOL #!$PYTHON_EXEC import sys import json import boto3 import botocore GIT_PROVIDER='$GIT_PROVIDER' GIT_USERNAME='$GIT_USERNAME' AWS_REGION='$AWS_REGION' AWS_SECRET_NAME='$AWS_SECRET_NAME' AWS_SECRET_KEY='$AWS_SECRET_KEY' if len(sys.argv) < 2 or sys.argv[1] != 'get': exit(0) credentials = {} for line in sys.stdin: if line.strip() == "": break key, value = line.split('=')[0:2] credentials[key.strip()] = value.strip() if credentials.get('host', '') == GIT_PROVIDER and \ credentials.get('username', '') == GIT_USERNAME: client = boto3.client('secretsmanager', region_name=AWS_REGION) try: response = client.get_secret_value(SecretId=AWS_SECRET_NAME) except botocore.exceptions.ClientError as e: exit(1) if 'SecretString' in response: secret = response['SecretString'] secret_dict = json.loads(secret) if AWS_SECRET_KEY in secret_dict: credentials['password'] = secret_dict[AWS_SECRET_KEY] for key, value in credentials.items(): print('{}={}'.format(key, value)) EOL chmod +x ~/.aws-credential-helper.py git config --global credential.helper ~/.aws-credential-helper.py ```
You can run line 52-63(after importing boto3) to get the secrets on a notebook as well.