Hey everyone! 
I’m working on a Python project and I’m trying to figure out how to create environments that keep secrets safe for use in my code. I’ve mostly come across external methods for managing secrets, but I’m curious if there’s an internal way to handle this within Palantir itself.
Any tips or tricks you can share would be super helpful! Thanks in advance!
Assuming you need to store secrets because you want to perform API calls, you can look at external transforms.
The idea is that you create a data connection source, which stores the secrets you want/need and you can reference this source in your python code and access the secrets from there.
See https://www.palantir.com/docs/foundry/data-connection/external-transforms-source-based
@external_systems(
# specify the source that was imported to the repository
poke_source=Source("ri.magritte..source.e301d738-b532-431a-8bda-fa211228bba6")
)
@transform_df(
# this transform doesn't use any inputs, and only specifies an output dataset
Output("/path/to/output/dataset")
)
def compute(poke_source, ctx):
poke = poke_source.get_https_connection().get_client()
poke_url = poke_source.get_https_connection().url
# Similarly you can access the secrets, etc.
...
Curious to hear your use-case if that’s not to perform API calls.
You could still use External Transform/A source and just “store whatever you need” this way, but there might be simpler approaches.