understanding secrets

Hi Observable!

I’ve been reading over the documentation regarding secrets, but I don’t know if it’s possible to use a secret to solve my concern:

I have a CSV file with a full collection of information. I want to share a subset of that information to other notebooks, but i don’t want the other notebooks to be able to see the full CSV source.

If I import the full CSV file into an notebook and filter it down to the bits I want, how do I ‘export’ that result without exposing the original?

I have tried storing the original notebook ID as a secret in the hopes of using it like this:

import {cao_case_data_public} from Secret(`cao-public`)

… but this doesn’t seem to work. Also, if I just enter Secret(cao-public) into a cell, it returns the notebook’s secret ID. I assume that I am the only one who would see this?

Is there a way to pull out a cell value from a private notebook without exposing that notebook to public audiences?

Thanks in advance for your help!

I could be wrong but I don’t think you’ll be able to use Observable’s Secrets to do what you want. Observable notebooks are all run client-side, so if you have someone import an output cell from your private filtering notebook, their browser will run all the code necessary to generate that file, including downloading the full CSV file onto their computer.

Instead, I suggest saving the result of your filtering as a separate CSV file, hosting it somewhere, and then having your public-facing notebook fetch that file instead.

Here’s some code for a cell that makes a download button that you can put in your filtering notebook to save your final result to disk:

DOM.download(new Blob([csv], {type:'text/csv'}), "output.csv", "Download CSV")

(Here csv should be a string representation of your filtered CSV file).

1 Like

Thanks Bryan… and that was what I was afraid of…

Thanks, too, for your alternative workflow. Unfortunately, it’s not ideal for the concept that I was envisioning. The idea would be to keep the ‘full’ CSV up-to-date, and to have changes ‘cascade’ down into public notebooks, which would be based on the ‘public’ sub-set. This would allow changes to take effect as the full CSV is updated.

… I keep trying to come up with a ‘secure’ way of doing this but it seems everything can be chased back to the original source file…

Hmm, you might be able to use this Google sheets trick. The idea would be to host your full data set on Google sheets and then program a spreadsheet there to perform your filtering / processing. Then you can create a separate public “sheet” which selects your output columns and you can then fetch from the public sheet without exposing the full data.

If you’re dead set on using Observable notebooks to do your data processing, in principle it’s also possible to set up a web server which runs some Observable code on the back end and then only serves certain cells, but setting this up would be a bigger project. (I dunno, maybe this will be a “Teams” feature someday…)

2 Likes

Thanks again. The Google Sheets trick is also a good work-around, and indeed close to what I am after.

We don’t / can’t use Google Sheets at work, unfortunately, so I’ll probably have to set up a server and run some sort of process to automatically re-generate the public CSV when changes are made to the full/private one. I can envision how this work work under AWS, but it certainly is a different / larger process. It also means I can’t adjust the public attributes on the fly from a non-shared / private notebook, which would have been sweet.

:pensive: alas!!

1 Like