@launchpadlab/opensesame v1.0.0
Opensesame CLI
A simple command line interface to store and share non-version controlled application secrets files within the 1Password vault structure.
Setup Instructions
npm install @launchpadlab/opensesame -g
- Within your project, ensure a npm command in the
package.json
file exists forload_secrets: opensesame -d XXX -v XXX -f XXX
. If one is not present, add it within thescripts
key. For this command-d
refers to thedocument_id
in 1Password,-v
refers to thevault_id
in 1Password,-f
refers to the localfile_path
where the secrets file is located.
{
...
"scripts": {
...,
"load_secrets": "opensesame -d XXX -v XXX -f XXX"
}
...
}
- If you know the values for
-d
-v
or-f
, please insert those values if not already set. Otherwise the CLI tool will guide you through how to set those. - Run the command
npm run load_secrets
and follow on-screen instructions
Manual Instructions
If you prefer, you can manually perform the initial steps and use the CLI for syncing secrets files and diff-ing.
1. Login to 1Password and create a new vault
(grab the id
of the vault as that will be used for the -v
argument to the CLI)
1. Within that vault, upload the secrets file to create a new document
(grab the id
of the document as that will be used for the -d
argument to the CLI)
1. Add the secrets file previously uploaded to 1Password in your project folder and make sure it is not tracked in version control. Grab the file_path
within your project for the secrets file as that will be used for the -f
argument to the CLI
1. Within the project's package.json
file, add a new key within the scripts
block for load_secrets: opensesame -d XXX -v XXX -f XXX
making sure to replace the XXX
values with the respective values captured in the previous steps.
1. Run the command npm run load_secrets
and follow on-screen instructions to sync secrets files within 1Password
FAQs
- This CLI tool can be used to sync any non-version controlled file into 1Password. Typically this is a
.env
orapplication.yml
file. However, it can also be used withrails credentials
to be used to sync the.key
files that are not version controlled. - To interact with 1Password directly, you can reference their documentation.
Maintainers Only: Publish Command
npm publish --access restricted