Merge branch 'master' of github.com:Kaggle/docker-python

Author: mcollins42

Dockerfile

@@ -137,7 +137,8 @@ RUN apt-get -y install zlib1g-dev liblcms2-dev libwebp-dev libgeos-dev && \
     pip install cartopy && \
     # MXNet
     pip install mxnet && \
-    pip install --upgrade numpy && \
+    # b/140423854 v1.17 prints annoying deprecation warning messages with TensorFlow 1.14.0. Remove once we upgrade to TF 1.14.1 or 2.x
+    pip install numpy==1.16.4 && \
     pip install gluonnlp && \
     pip install gluoncv && \
     # h2o (requires java)
@@ -432,8 +433,9 @@ RUN pip install bcolz && \
 RUN pip install jsonnet overrides tensorboardX && \
     pip install flask>=1.0.2 flask-cors>=3.0.7 gevent>=1.3.6 && \
     pip install unidecode parsimonious>=0.8.0 sqlparse>=0.2.4 word2number>=1.1 && \
-    pip install pytorch-pretrained-bert>=0.6.0 jsonpickle && \
+    pip install pytorch-pretrained-bert>=0.6.0 pytorch-transformers==1.1.0 jsonpickle && \
     pip install requests>=2.18 editdistance conllu==0.11 && \
+    pip install conllu==1.3.1 && \
     pip install --no-dependencies allennlp && \
     /tmp/clean-layer.sh
 

patches/kaggle_secrets.py

@@ -26,6 +26,10 @@ class CredentialError(Exception):
 class BackendError(Exception):
     pass
 
+
+class ValidationError(Exception):
+    pass
+
 @unique
 class GcpTarget(Enum):
     """Enum class to store GCP targets."""
@@ -47,6 +51,7 @@ def service(self):
 
 class UserSecretsClient():
     GET_USER_SECRET_ENDPOINT = '/requests/GetUserSecretRequest'
+    GET_USER_SECRET_BY_LABEL_ENDPOINT = '/requests/GetUserSecretByLabelRequest'
     BIGQUERY_TARGET_VALUE = 1
 
     def __init__(self):
@@ -60,8 +65,8 @@ def __init__(self):
                 f'but none found in environment variable {_KAGGLE_USER_SECRETS_TOKEN_ENV_VAR_NAME}')
         self.headers = {'Content-type': 'application/json'}
 
-    def _make_post_request(self, data: dict) -> dict:
-        url = f'{self.url_base}{self.GET_USER_SECRET_ENDPOINT}'
+    def _make_post_request(self, data: dict, endpoint: str = GET_USER_SECRET_ENDPOINT) -> dict:
+        url = f'{self.url_base}{endpoint}'
         request_body = dict(data)
         request_body['JWE'] = self.jwt_token
         req = urllib.request.Request(url, headers=self.headers, data=bytes(
@@ -88,6 +93,26 @@ def _make_post_request(self, data: dict) -> dict:
                     ' Please ensure you have access to the resource.') from e
             raise BackendError('Unexpected response from the service.') from e
 
+    def get_secret(self, label) -> str:
+        """Retrieves a user secret value by its label.
+
+        This returns the value of the secret with the given label,
+        if it attached to the current kernel.
+        Example usage:
+            client = UserSecretsClient()
+            secret = client.get_secret('my_db_password')
+        """
+        if label is None or len(label) == 0:
+            raise ValidationError("Label must be non-empty.")
+        request_body = {
+            'Label': label,
+        }
+        response_json = self._make_post_request(request_body, self.GET_USER_SECRET_BY_LABEL_ENDPOINT)
+        if 'secret' not in response_json:
+            raise BackendError(
+                f'Unexpected response from the service. Response: {response_json}')
+        return response_json['secret']
+
     def get_bigquery_access_token(self) -> Tuple[str, Optional[datetime]]:
         """Retrieves BigQuery access token information from the UserSecrets service.
 

tests/test_user_secrets.py

@@ -12,7 +12,8 @@
 from google.cloud import bigquery
 from kaggle_secrets import (_KAGGLE_URL_BASE_ENV_VAR_NAME,
                             _KAGGLE_USER_SECRETS_TOKEN_ENV_VAR_NAME,
-                            CredentialError, GcpTarget, UserSecretsClient, BackendError)
+                            CredentialError, GcpTarget, UserSecretsClient,
+                            BackendError, ValidationError)
 
 _TEST_JWT = 'test-secrets-key'
 
@@ -37,7 +38,7 @@ def do_POST(s):
 
 
 class TestUserSecrets(unittest.TestCase):
-    SERVER_ADDRESS = urlparse(os.getenv(_KAGGLE_URL_BASE_ENV_VAR_NAME))
+    SERVER_ADDRESS = urlparse(os.getenv(_KAGGLE_URL_BASE_ENV_VAR_NAME, default="http://127.0.0.1:8001"))
 
     def _test_client(self, client_func, expected_path, expected_body, secret=None, success=True):
         _request = {}
@@ -84,6 +85,34 @@ def test_no_token_fails(self):
             with self.assertRaises(CredentialError):
                 client = UserSecretsClient()
 
+    def test_get_secret_succeeds(self):
+        secret = '12345'
+
+        def call_get_secret():
+            client = UserSecretsClient()
+            secret_response = client.get_secret("secret_label")
+            self.assertEqual(secret_response, secret)
+        self._test_client(call_get_secret,
+                          '/requests/GetUserSecretByLabelRequest', {'Label': "secret_label", 'JWE': _TEST_JWT},
+                          secret=secret)
+    
+    def test_get_secret_handles_unsuccessful(self):
+        def call_get_secret():
+            client = UserSecretsClient()
+            with self.assertRaises(BackendError):
+                secret_response = client.get_secret("secret_label")
+        self._test_client(call_get_secret,
+                          '/requests/GetUserSecretByLabelRequest', {'Label': "secret_label", 'JWE': _TEST_JWT},
+                          success=False)
+
+    def test_get_secret_validates_label(self):
+        env = EnvironmentVarGuard()
+        env.set(_KAGGLE_USER_SECRETS_TOKEN_ENV_VAR_NAME, _TEST_JWT)
+        with env:
+            client = UserSecretsClient()
+            with self.assertRaises(ValidationError):
+                secret_response = client.get_secret("")
+                          
     @mock.patch('kaggle_secrets.datetime')
     def test_get_access_token_succeeds(self, mock_dt):
         secret = '12345'