Tweaks to env vars in Spaces (#1284)

Pierrci · osanseviero · web-flow · commit 52a3ab211ba6 · 2024-05-22T18:58:51.000-04:00
* Tweaks to env vars in Spaces

I think this is clearer, and it will also prevent Python noobs like me from having to google how to read an env var!

* Update docs/hub/spaces-overview.md

* Apply suggestions from code review

Co-authored-by: Omar Sanseviero &lt;osanseviero@gmail.com&gt;

---------

Co-authored-by: Omar Sanseviero &lt;osanseviero@gmail.com&gt;
diff --git a/docs/hub/spaces-overview.md b/docs/hub/spaces-overview.md
@@ -66,14 +66,25 @@ If your app requires environment variables (for instance, secret keys or tokens)
 	<img class="hidden dark:block" src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/hub/secrets-and-variables-dark.png"/>
 </div>
 
+You can use:
 
-Variables are publicly accessible and viewable and will be automatically added to Spaces duplicated from your repository. They are exposed to your app as environment variables.
+* **Variables** if you need to store non-sensitive configuration values. They are publicly accessible and viewable and will be automatically added to Spaces duplicated from yours.
+* **Secrets** to store access tokens, API keys, or any sensitive values or credentials. They are private and their value cannot be read from the Space's settings page once set. They won't be added to Spaces duplicated from your repository.
 
-For Static Spaces, they are available through client-side JavaScript in `window.huggingface.variables`.
 
-For Docker Spaces, check out [environment management with Docker](./spaces-sdks-docker#secrets-and-variables-management).
+Accessing secrets and variables is different depending on your Space SDK:
 
-Secrets are private and their value cannot be retrieved once set. They won't be added to Spaces duplicated from your repository. The secrets will be exposed to your app with [Streamlit Secrets Management](https://blog.streamlit.io/secrets-in-sharing-apps/) if you use Streamlit, and as environment variables in other cases. For Docker Spaces, please check out [environment management with Docker](./spaces-sdks-docker#secrets-and-variables-management). Users are warned when our `Spaces Secrets Scanner` [finds hard-coded secrets](./security-secrets).
+- For Static Spaces, both are available through client-side JavaScript in `window.huggingface.variables`
+- For Docker Spaces, check out [environment management with Docker](./spaces-sdks-docker#secrets-and-variables-management)
+- For Streamlit Spaces, secrets are exposed to your app through [Streamlit Secrets Management](https://blog.streamlit.io/secrets-in-sharing-apps/), and public variables are directly available as environment variables
+
+For other Spaces, both are exposed to your app as environment variables. Here is a very simple example of accessing the previously declared `MODEL_REPO_ID` variable in Python (it would be the same for secrets):
+```py
+import os
+print(os.getenv['MODEL_REPO_ID'])
+```
+
+Spaces owners are warned when our `Spaces Secrets Scanner` [finds hard-coded secrets](./security-secrets).
 
 ## Duplicating a Space
 
