Skip to content

Feature request: Support Colab Secrets (userdata) in CLI mode #48

Description

@exusiaiwei

Summary

google.colab.userdata.get() does not work in CLI mode — it throws TimeoutException for every key. This forces users to hardcode API keys or use awkward workarounds to pass secrets (HF_TOKEN, WANDB_API_KEY, etc.) to scripts run via colab run or colab exec.

Steps to reproduce

colab run --timeout 30 script.py

Where script.py contains:

from google.colab import userdata
token = userdata.get("HF_TOKEN")  # TimeoutException

The same code works fine in the Colab web UI, where Secrets are configured via the sidebar.

Expected behavior

Secrets configured in the Colab web UI should be accessible in CLI sessions, since they are tied to the user account, not the notebook.

Current workarounds

  • Pipe os.environ via echo ... | colab exec before running the actual script (ugly, leaks keys in shell history)
  • Upload a dotenv file then read it in the script (extra step per session)
  • Hardcode keys in scripts (not acceptable for shared/published code)

Proposed solution

Either:

  1. Make userdata.get() work transparently in CLI sessions (ideal)
  2. Add a colab secret set KEY VALUE CLI command to inject secrets into a running session
  3. Add --env KEY=VALUE flag to colab run / colab exec

Option 3 would be the most agent-friendly — AI agents driving Colab CLI could read secrets from local env and pass them explicitly.

Environment

  • colab version: 0.5.9
  • OS: WSL2 (Ubuntu 24.04)
  • Auth: --auth oauth2
  • Colab Pro+ subscription

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions