k8s file-mounted secrets

[zalmane]

In K8S, it is common to mount secrets to a file such as tmpfs.
The typical format puts each secret into a separate file inside a mounted volume, where the key is the filename and the content is the value.
Is there a way to achieve loading this in Dynaconf?
If not, what is the best way to add this functionality (using hooks or plugin, or contribute a PR?).

[rochacbruno]

Right now, the easiest path is to create a hook function and attach it as shown here: https://www.dynaconf.com/advanced/?h=hooks#instance-approach

import os

def load_mounted_secrets(settings):
    data = {"dynaconf_merge": True}
    folder_path = "the/path/to/the/secrets" # or take from settings
    for filename in os.listdir(folder_path):
        file_path = os.path.join(folder_path, filename)
        if os.path.isfile(file_path):
            with open(file_path, 'r') as file:
                data[filename] = file.read().strip()
    return data

settings = Dynaconf(post_hooks=[load_mounted_secrets])

---

It would be great to have this feature built-in in a better standardized way, so A PR also welcome.

How I would do it:

1. Include a new variable on https://github.com/dynaconf/dynaconf/blob/master/dynaconf/default_settings.py something like SECRET_MOUNT_PATH_FOR_DYNACONF which will become the secret_mount_path= argument to the Dynaconf class.
2. Add a mounted_secrets_loader.py to https://github.com/dynaconf/dynaconf/tree/master/dynaconf/loaders, that loader will do what the function above does (following the loader Base class style)
3. On execute_loaders function invoke the loader (need to decide which order is best to load it)
4. Add an app example as a functional test on tests_functional folder
5. Add unit tests to the tests/ folder
6. Add docs