Credentials Extraction

[DenisaCG]

The current version of jupyter-drives supports credentials extraction through the config file jupyter_notebook_config.py, where the user can set an access key and secret key to access their S3 buckets. It would look like this:

c.DrivesConfig.acess_key_id = '<YOUR_ACCESS_KEY>'
c.DrivesConfig.secret_access_key = '<YOUR_SECRET_ACCESS_KEY>'

Another option would be to use environment variables for the credentials extraction. This option may seem to be easier for the user, as they can just open jupyterlab with jupyter-drives extension installed and the backend should automatically detect and extract the credentials from their current environment.

For example, the jupyterlab-pullrequests extensions is using the config file for users to set their credentials, similar to the current behavior of this extension, while jupyterlab-git seems to be extracting them directly from the environment.

Both cases require the users' responsibility in specifying their credentials, whether in a config file or in their environment, and don't require storing those credentials from our side.

Any thoughts on how we should proceed, so that we follow the industry norm for the credentials extraction in a way that is secure enough to use S3 buckets, or cloud services in general?

@SylvainCorlay @afshin @trungleduc

[trungleduc]

Generally, AWS users log in by using the aws CLI tool. The credentials will be stored at ~/.aws/credentials, we can support reading this file to get the secrets and maybe allow users to specify the location to read the credentials file.

[DenisaCG]

Thanks for the suggestion @trungleduc! I think your idea makes the experience more seamless for users.

This PR https://github.com/QuantStack/jupyter-drives/pull/14 adds direct credentials extraction for AWS CLI users, as well as letting users specify the file path of their credentials.