Open carey404 opened 4 days ago
In the short and medium term, I don't think we can consider this at all. In the long term, it depends on what features 1Password adds to the SDK — but I am not optimistic based on the current limitations.
op://
URL references are supported, and op://
URL references do not currently have an account
field (see above about multiple 1Password accounts).These feel like making 1Password Service Accounts alternatives to 1Password Connect or Hashicorp Vault in the long term, not something that would be used on an end-user machine.
Thank you @carey404 for opening this issue and thank you @halostatue for the in-depth analysis!
I think this is worthwhile to include in chezmoi for several reasons:
chezmoi already includes support for multiple secret providers targeted at automated machines, e.g. AWS Secrets Manager, Azure Key Vault, and Doppler. There is evidence that people do use these services to populate secrets in their dotfiles as these contributions were made by users, e.g. craiggwilson
in #2219, catay
in #3112, and equals03
in #3134. (Not using @ mentions to avoid spamming them).
We can add this functionality in parallel to the existing 1Password support using the 1Password CLI by using different template function names, i.e. we can do this while maintaining full backwards compatibility.
Even though the 1Password SDKs are currently in beta, we can clearly signal this to users, and no doubt the 1Password SDK will increase in capability over time.
Is your feature request related to a problem? Please describe.
1Password recently released SDKs that support reading and writing secrets directly from 1Password without the need for the CLI or a Connect server. This simplifies the integration process and reduces the dependency on additional infrastructure.
Describe the solution you'd like
Extend the 1Password integration to support the new 1Password SDKs. This would allow users to:
Describe alternatives you've considered
Continuing to use the integration with the CLI or Secrets Automation.
Additional context
The 1Password SDKs are currently in beta. Documentation can be found here: https://developer.1password.com/docs/sdks/