Loading 1Password credentials inside a Docker Container from an Environment.
I have a Docker container that runs a server application, and I’m using 1Password Environments to store all of the credentials for this service.
What I’d like to do is load all secrets from a specific 1Password Environment into the container’s runtime environment only when I start the server, not at build time and not as long‑lived plain env vars on the host. In other words, I want something like:
- Start command (or entrypoint) pulls secrets from a given 1Password Environment
- Those secrets are exposed as environment variables inside the container
- The server process then reads them as normal env vars
- Once the server stops, the secrets are no longer present
I’ve seen references to using op run to inject env vars for a command, and also to using 1Password Environments / Connect for runtime secret delivery, but I’m not sure what the recommended pattern is for a simple Docker container scenario.
