Forum Discussion

Sadia_A1P's avatar
Sadia_A1P
Icon for 1Password Team rank1Password Team
6 months ago

Introducing new .env file support in 1Password

Today, we’re introducing a first-of-its-kind feature available in the 1Password Desktop app. With the new local .env file destination in 1Password Environments, you can securely use and share .env ...
beta environments
lukasgabriel's avatar
lukasgabriel
New Contributor
3 months ago

Great feature, however I encountered some issues when trying to make use of it:

- There is currently no feature to reference existing 1Password items, which means I have to maintain stuff like tokens, passphrases etc. in two places when using the Environments feature.
- It would be great to support actually setting the environment variables - for example, for usage in Terraform variables. As a workaround, I tried to use `direnv` (on macOS) - but it does not recognize the 'file' created by 1Password, even when mounted/decrypted:

# When in folder with .envrc created/mounted by 1Password:

> direnv allow .
direnv: error .envrc file not found

- Another improvement would be to add another mounting option 'Terraform variable' which creates a `.tfvars` file at the desired location, and prefixes the variables with `TF_VAR` - this would cover a common use case and also remove the need for creating separate variables with that prefix.

But great idea with lots of potential!

  • cussiol's avatar
    cussiol
    New Contributor
    8 days ago

    I also use `direnv` on macOS, and it works great with this 1Password feature. But there is a change you need to do to make it work.

    The `dotenv` and `dotenv_if_exists` methods (on https://github.com/direnv/direnv/blob/02040c767ba64b32a9b5ef2d8d2e00983d6bc958/stdlib.sh#L230-L265) use `[[ -f $path ]]` to check for the file's existence. It won't work on named pipes (used by .env files). So, we need to change to `[[ -f $path || -p $path ]]` to check for both of them.

    While it is not officially fixed, you can make a local fix by overwriting the methods.

    Create a file `~/.config/direnv/lib/polyfills.sh` with:

    #!/usr/bin/env bash

# @see https://github.com/direnv/direnv/blob/02040c767ba64b32a9b5ef2d8d2e00983d6bc958/stdlib.sh#L230-L265

# unset -f dotenv dotenv_if_exists

# Usage: dotenv [<dotenv>]
#
# Loads a ".env" file into the current environment
#
dotenv() {
  local path=${1:-}
  if [[ -z $path ]]; then
    path=$PWD/.env
  elif [[ -d $path ]]; then
    path=$path/.env
  fi
  if [[ -f "$path" ]]; then
    watch_file "$path"
  fi
  if ! [[ -f "$path" || -p "$path" ]]; then
    log_error ".env at $path not found"
    return 1
  fi
  eval "$("$direnv" dotenv bash "$@")"
}

# Usage: dotenv_if_exists [<filename>]
#
# Loads a ".env" file into the current environment, but only if it exists.
#
dotenv_if_exists() {
  local path=${1:-}
  if [[ -z $path ]]; then
    path=$PWD/.env
  elif [[ -d $path ]]; then
    path=$path/.env
  fi
  if [[ -f "$path" ]]; then
    watch_file "$path"
  fi
  if ! [[ -f "$path" || -p "$path" ]]; then
    return
  fi
  eval "$("$direnv" dotenv bash "$@")"
}

     I hope it works there too.

  • lukasgabriel's avatar
    lukasgabriel
    New Contributor
    3 months ago

    If I do `export $(cat .envrc | xargs)` it works... half of the time - not sure why. But that's a cumbersome extra step anyways.