Forum Discussion

integralist's avatar
integralist
New Contributor
4 months ago
Solved

Why does the 1P CLI not access the local 1P store?

👋 I have a shell script with lots of "secret references"... export EXAMPLE1_API_KEY=$(op read "op://<VAULT_NAME>/<ENTRY_NAME>/<SECTION_NAME>/<FIELD_NAME>") export EXAMPLE2_API_KEY=$(op read "op:/...
CLI
  • integralist's avatar
    integralist
    13 days ago

    Thanks theo​ I didn't realise that `op inject` did a bulk fetch. That actually means I can completely drop my other work-around in favour of doing this...

    In a `~/.localrc` I have:

    export EXAMPLE_API_KEY={{ op://VaultName/SecretName/SectionName/TokenName }}
export ANOTHER_API_KEY={{ op://VaultName/SecretName/SectionName/TokenName }}

    I can then source via `op inject` from my `~/.zshrc`:

    # Configuration you don't want as part of your main .zshrc
# For me, this is a template file that includes 1Password secret references.
# Meaning, I need to source the file via `op inject` so I can interpolate my secrets.
#
if [ -f "$HOME/.localrc" ]; then
	if command -v op >/dev/null; then
		op signin --account my.1password.com
		source <(op inject -i $HOME/.localrc)
	fi
fi

    This loads much faster now, even when I open a new shell instance I just get a single OS popup asking me to authorize the shell to access 1Password (and I don't need my password as it has that already and so it just needs me to press a button, which I'm fine with -- see screenshot).

     

integralist's avatar
integralist
New Contributor
15 days ago

👋 phildmno​ I've put my workaround below. I would be interested to know what y'all used as a workaround to this.

phildmno's avatar
phildmno
Occasional Contributor
15 days ago

theozero​ will know more about the specifics there