Skip to content

dtruong0/1password-secret-automation-ci

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
env
env
 
 
images
images
 
 
scripts/env
scripts/env
 
 
.gitignore
.gitignore
 
 
LICENSE.MD
LICENSE.MD
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 

Repository files navigation

Local OP CLI and CI OP Secret Automation Setup

Configuration management system that utilizes One Password CLI for local development and Secret Automation for CI

  • Single entry point for both tools
  • Run secret automation in CI without hosting an external server
  • Multi environment and multi tenanted approach to configuration
  • Secrets loaded and command executed from sub shell
  • Human credentials used in local, machine token in CI

Usage

Local (CLI)

ENV=dev make test

CLI Example

CI (Secret Automation)

ENV=dev make test-ci

Secret Automation Example

Setup

Secret Setup

1. Create vault in OP and define OP_VAULT in env/.env.shared-env
2. Create secrets document in OP named application.shared-env and application.dev
3. Add section called "Secrets" to documents
4. Add secrets to newly created sections

Secret Doc Example

Add vault id to env/.env.shared-env

Local

brew install --cask 1password-cli
op signin <Your Domain>.1password.com <Your Account>
// *Secret Key can be found : 1password7 app > preferences > accounts

CI

Follow steps https://support.1password.com/secrets-automation/

//Store secrets in CI
OP_TOKEN=<Machine user access token>
OP_AUTOMATION_CREDENTIALS=<Base64 encoded 1password-credentials.json >

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages