Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat!: store all 1password secrets in a single entry #1954

Merged
merged 5 commits into from
Jul 12, 2024
Merged

feat!: store all 1password secrets in a single entry #1954

merged 5 commits into from
Jul 12, 2024

Conversation

matt2e
Copy link
Collaborator

@matt2e matt2e commented Jul 3, 2024
edited
Loading

closes #1947
closes #1772
Creates an entry in 1Password called <projectname>.secrets with each secret stored in a password field called <modulename>.<secretname>
Username is set to a warning string as that is presented at the top of the 1Password UI.

This will break existing secrets stored in 1Password. Migration can be done using commands made available in: #1982

@matt2e matt2e requested a review from alecthomas as a code owner July 3, 2024 05:37
@matt2e matt2e requested review from a team and deniseli and removed request for a team July 3, 2024 05:37
@ftl-robot ftl-robot mentioned this pull request Jul 3, 2024
Open
@matt2e
Copy link
Collaborator Author

matt2e commented Jul 3, 2024

I don't plan on merging this in yet until I have more PRs ready that will help transition existing projects

@matt2e matt2e force-pushed the matt2e/1p-single-entry branch 9 times, most recently from 17a2306 to acc10b5 Compare July 8, 2024 03:26
deniseli
deniseli approved these changes Jul 9, 2024
View reviewed changes
common/configuration/1password_provider.go
@@ -28,21 +29,25 @@ func (o OnePasswordProvider) Delete(ctx context.Context, ref Ref) error {
return nil
}

func (o OnePasswordProvider) itemName() string {
return o.ProjectName + ".secrets"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this need the "ftl." + prefix, or does that get added somewhere else?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I moved away from the ftl. prefix, but i hadn't updated the documentation. good catch!

common/configuration/1password_provider_test.go
assert.Error(t, err)

var pw1 = []byte("hunter1")
var pw2 = []byte(`{
"user": "root",
"password": "hunter🪤"
"password": "hun\\ter🪤"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hehehe nice!

@matt2e matt2e force-pushed the matt2e/1p-single-entry branch from acc10b5 to a2ce3e0 Compare July 12, 2024 01:07
@matt2e matt2e changed the title feat: store all 1password secrets in a single entry feat!: store all 1password secrets in a single entry Jul 12, 2024
@matt2e matt2e merged commit 3ee92a1 into main Jul 12, 2024
50 checks passed
@matt2e matt2e deleted the matt2e/1p-single-entry branch July 12, 2024 01:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@deniseli deniseli deniseli approved these changes

@alecthomas alecthomas Awaiting requested review from alecthomas alecthomas is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Use single 1Password entry for all secrets in a project secret set 1password entry to warn humans
2 participants
@matt2e @deniseli