Env var loading and validation for 1Password (open source!)

If you are using 1Password to manage any dev/application secrets, you might be interested in our open source tool - https://varlock.dev

We just released a new update that introduces a plugin system and our first plugin is for 1Password (of course) - see https://varlock.dev/plugins/1password/

Our tool lets you define a .env.schema file, which can contain decorator style comments to add additional metadata to your env. This is then used to do validation, generate types, etc. The tool also introduces a new function call syntax, and while you can talk to any external cli using the exec()  function, the new 1Pass plugin also adds a new op() function which fetches items from 1Password.

So how is this different from using `op run`?

• Uses the SDK and service account tokens for deployed environments, and (optionally) uses op CLI for local dev (with biometric auth via the desktop app)
• Adds validation and coercion
• Automatic type generation (right now just for TypeScript, more to come)
• Understands which items are sensitive, and adds leak detection when possible
• Supports loading multiple env-specific files (.env.local, .env.production, etc)
• Supports explicit imports to break up files however you like
• Drop in integrations for many frameworks

You can also use Varlock alongside the new https://developer.1password.com/docs/environments/ by syncing your environment to a local file (such as `.env.local`) and varlock will automatically load those values, and apply its validation on top.

Would love for y'all to take a look, and to hear what you think!

Oh and please give us a ⭐ on GitHub @ https://github.com/dmno-dev/varlock

---

An example .env.schema file using the new 1Password plugin