search

anasinnyk / terraform-provider-onepassword

Terraform provider for 1Password
GNU Lesser General Public License v3.0
128 stars 38 forks source link

document: add support for binary docs as b64 #59

Closed bendrucker closed 2 years ago

bendrucker commented 3 years ago

This adds a binary attribute to data.onepassword_item_document that can be set for a document that has binary content. When binary = true, the client will base64 encode the resulting output bytes so that it can be handled by Terraform. This allows binary documents stored in 1Password to be passed to other Terraform resources that support binary data such as local_file and aws_s3_bucket_object.

bendrucker commented 3 years ago

Since there were no acceptance tests covering this resource, I went ahead and built/tested locally. Given this config:

data "onepassword_item_document" "binary" {
  vault = "..."
  name = "My Binary Document"
  binary = true
}

output "content" {
  value = data.onepassword_item_document.binary.content
}

I was able to terraform apply and terraform output -raw content | base64 --decode > file.binary. The content was correct. I was originally interested in sourcing some .p12 certificate archive files from 1Password and confirmed that writing the decoded output to disk resulted in a valid archive that openssl could verify.

bendrucker commented 2 years ago

I'll go ahead and close this, totally understand if you don't intend to maintain this further with the official provider now available