1Password: cache repeated lookups

namespacelabs · Nov 16, 2023 · f35cbbf · f35cbbf
1 parent ab0301f
commit f35cbbf
Showing 1 changed file with 8 additions and 1 deletion.
diff --git a/internal/providers/onepassword/secrets.go b/internal/providers/onepassword/secrets.go
@@ -37,13 +37,18 @@ type provider struct {
 	mu               sync.Mutex
 	ensureAccountErr error
 	once             sync.Once
+	cache            map[string][]byte
 }
 
 func (p *provider) Read(ctx context.Context, ref string) ([]byte, error) {
 	// Serialize reads to ensure there is only one approval pop-up.
 	p.mu.Lock()
 	defer p.mu.Unlock()
 
+	if data, ok := p.cache[ref]; ok {
+		return data, nil
+	}
+
 	// If no account is configured, `op read` does not fail but waits for user input.
 	// Hence, we ensure that a user account is indeed configured.
 	if err := p.ensureAccount(ctx); err != nil {
@@ -60,7 +65,9 @@ func (p *provider) Read(ctx context.Context, ref string) ([]byte, error) {
 		return nil, fnerrors.InvocationError("1Password", "failed to invoke %q: %w", c.String(), err)
 	}
 
-	return b.Bytes(), nil
+	data := b.Bytes()
+	p.cache[ref] = data
+	return data, nil
 }
 
 func (p *provider) ensureAccount(ctx context.Context) error {