Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add the op CLI in the script #5

Merged
merged 50 commits into from
Aug 30, 2022
Merged

Add the op CLI in the script #5

merged 50 commits into from
Aug 30, 2022

Conversation

edif2008
Copy link
Member

@edif2008 edif2008 commented Aug 3, 2021

By adding the 1Password Command Tool in the script, we no longer need to look for environment variables that have a reference and fetch the values of the secrets through shell script. Instead, we use the commands op list envars and op read (alpha version)

Side note: this is dependent on the release of the version of the 1Password Command Line Tool that contains the command op list envars. Once that is released, this can be merged.

By adding the `op-cli` in the script, we no longer need to look for environment variables that have a reference and fetch the values of the secrets through shell script. Instead, we use the commands `op list envars` and `op read` (alpha version)
@edif2008 edif2008 changed the title Add the op-cli in the script Add the op CLI in the script Aug 3, 2021
entrypoint.sh Outdated Show resolved Hide resolved
The command is changed from `op list envars` to `op env ls`
This is done to be able to pass loaded secrets as output. This is not available with a composite action, unless we hard-code the action's outputs, which is not a desired outcome.
Enable using loaded secrets from step's output
@edif2008
Copy link
Member Author

edif2008 commented Sep 2, 2021

Putting this PR on hold for now, since it is waiting for the functionality of the CLI to hit GA.

Give examples for both ways of loading secrets. Update masking. Add security and help sections.
@edif2008
Copy link
Member Author

edif2008 commented May 18, 2022

Note: Find a fix to avoid command injection, specifically this code.

@hanerd
Copy link

hanerd commented Jul 7, 2022

Is there anything I can do to help get this merged in?

We make extensive use of op inject and would love to put up a PR to include that in this action.

README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
Copy link
Member Author

@edif2008 edif2008 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've taken another round through the code and now I feel more confident about this transition of the action.

One small remark I have (besides my comments):
I've noticed that we had a test when the action was used twice (e.g. load some secrets, then load some more). Now we no longer have it.
Would it help to have such test case? What do you think?

Once the comments have been addressed, this PR is good to be merged. 😄

.gitignore Outdated Show resolved Hide resolved
README.md Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
@volodymyrZotov
Copy link
Contributor

I've taken another round through the code and now I feel more confident about this transition of the action.

One small remark I have (besides my comments): I've noticed that we had a test when the action was used twice (e.g. load some secrets, then load some more). Now we no longer have it. Would it help to have such test case? What do you think?

Once the comments have been addressed, this PR is good to be merged. 😄

@edif2008 Thank you for the review.
Regarding the tests. Currently we have few more test cases and they cover what was initially and some new cases in addition.

@volodymyrZotov volodymyrZotov merged commit 8c15b6c into main Aug 30, 2022
@volodymyrZotov volodymyrZotov deleted the feature/add-cli branch August 30, 2022 07:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants