GitHub Repository

Deterministic, CI-safe API key resolution with optional runtime validation (stdlib-only)

1 starsPython

API-pilot – deterministic API key resolution with runtime validation

Name: API-pilot – deterministic API key resolution with runtime validation
Availability: InStock
Author: avi7777

by avi7777·Feb 13, 2026·1 point·1 comment

Visit Project View on HN

AI Analysis

●●SolidNiche GemSolve My ProblemShip It

The Take

Deterministic fallback order (ENV → .env → vault) plus an opt-in validation mode and a strict CI-friendly option is a practical combo I wish I'd had in several projects. The doctor CLI that lists found keys and minimal provider probes (e.g., GET /v1/models for OpenAI) is a nice touch — useful for catching bad tokens before a pipeline runs. It’s not reinventing secret managers, but the zero-deps, stdlib-only approach and CI strictness make it an immediately usable tool for small teams.

Post Description

I built a small stdlib-only tool to make API key handling deterministic and CI-safe.

Resolves from ENV → .env → vault, with optional runtime validation probes. No deps beyond Python stdlib.

Example:

from api_pilot import resolve_key client = OpenAI(api_key=resolve_key("openai", validate=True))

CLI doctor command:

$ api-pilot-doctor .env file found OPENAI_API_KEY found in environment

Modes: • Default: ENV → .env → vault • Validation: optional runtime API probes • Strict: fails if .env used (CI safety)

MCP integration ready.

Feedback welcome!

Similar Projects

Developer Tools●●Solid

EnvSentinel – contract-driven .env validation, zero dependencies

Solves a real CI/CD pain, but dotenv validation already exists (python-dotenv, pydantic).

Solve My ProblemShip It

tweakyourpc

102mo ago

Developer Tools●Mid

Touchenv – store ENV master keys in macOS keychain

Touch ID for ENV secrets is clever, but dotenvx and 1Password CLI already solve this.

CozyNiche Gem

tillcarlos

422mo ago

Security●●●Banger

MVAR – Deterministic sink enforcement for AI agent

IFC + capabilities block prompt injection at execution sinks, not input filters—40yr research applied.

Big BrainWizardry

ShawnC21

113mo ago

Developer Tools●Mid

Msgspec-config, yet another config library for msgspec

Msgspec config wrapper with pydantic-settings ergonomics—but Pydantic, Dynaconf, and Hydra exist.

Niche Gem

maxpareschi

203mo ago

Security●Mid

Keysee – deterministic identicons for public keys

Useful utility for key verification, but browser extensions already do this.

Niche Gem

scottmotte

1127d ago

Developer Tools●●Solid

VSCode .env Autocomplete

Scans code for variable usage to autocomplete .env keys automatically.

Solve My ProblemCozy

chrillemn

202mo ago