For setting sensitive information (such as API keys or database credentials) to be accessed within your fal functions you can use the
fal secrets CLI interface.
$ fal secrets set MY_API_TOKEN token Secret 'MY_API_TOKEN' has set $ fal secrets set MY_IDENTITY_KEY identity Secret 'MY_IDENTITY_KEY' has set
Any secret that is set will be exposed to all functions running from your user, and can be accessible as if they are regular environment variables.
import os import fal @fal.function() def print_secrets(): print(os.getenv("MY_API_TOKEN")) print(os.getenv("MY_IDENTITY_KEY")) if __name__ == "__main__": print_secrets()
You can also list the secrets you have through the CLI, but the values will be hidden for security reasons.
$ fal secrets list Secrets ┏━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓ ┃ Secret Name ┃ Created At ┃ ┡━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩ │ MY_API_TOKEN │ 2023-09-05 15:17:39.279347 │ │ MY_IDENTITY_KEY │ 2023-09-05 15:17:41.444478 │ └─────────────────────────┴────────────────────────────┘
To omit a secret from being present in new runs, you can simply delete it through the CLI:
$ fal secrets delete MY_API_TOKEN Secret 'MY_API_TOKEN' has deleted