Create a secret
- Baseten UI
- cURL
To create a secret:
- Sign in to your workspace at app.baseten.co and go to Secrets in your workspace settings.
- Enter a name for the secret, for example
hf_access_token. - Enter the secret value.
- Choose Add secret.
Secrets named
DOCKER_REGISTRY_<registry-host> authenticate image pulls from private registries. Their value must be the Base64 encoding of username:password; Baseten validates this when you save the secret.Use secrets in your model
Once you’ve created a secret, declare it in yourconfig.yaml and access it in your model code.
Specify the reference to the secret in config.yaml:
config.yaml
Model class. To access them, store the secrets in __init__:
model/model.py
load or predict method by accessing it with the key:
model/model.py
This pattern works when your
model.py downloads the weights itself. To authenticate weights loaded through the Baseten Delivery Network (the weights: config), reference the secret from the per-source auth block instead. A secrets: entry alone does not authenticate weight mirroring.Use secrets in custom Docker images
When using custom Docker images, Truss injects secrets into your container at/secrets/{secret_name} instead of
passing them through kwargs.
You must specify the reference to the secret and then access it in your start_command or application code.
Specify the reference to the secret in config.yaml:
config.yaml
Read secrets in your start_command
To read a secret in your start_command:
config.yaml
Read secrets in application code
To read a secret in application code:model/model.py