Closed jeliebig closed 10 months ago
is 1Password Connect not an option?
That requires an accessible Connect server, which we currently don't have. Our Connect server is accessible from within our Kubernetes environment, so we'd need to forward the port to our machines to use this option.
Since the 1Password CLI is available on all of our machines I thought it would be nice to add that as a secret backend instead.
I will not integrate 1Password into core, because there is at least a 1Password integration available and I'm unable to maintain such an integration since I do not own a 1Password account and i have no experience with it.
But helm-secrets support custom backends which is desigend to integrate non core secret backends.
There are some community examples for integrate the Vault CLI, doppler CLI and gopass CLI already. Feel free to provide the 1password one, too.
Here is an example YAML
which will be parsed by
it works, because helm-secrets provides a library https://github.com/jkroepke/helm-secrets/blob/main/scripts/lib/backends/_custom.sh for custom integration which handle the yaml paring.
Problem Statement
Currently there are two secret backends available: sops and vals However none of them support the 1Password CLI as a secret source.
Proposed Solution
Let's implement a new secret backend for the 1Password CLI!
Environment
Additional information
Acceptance Criteria