Skip to content

AgentGino/1pass-env

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
.github
.github
 
 
docs
docs
 
 
src/onepass_env
src/onepass_env
 
 
tests
tests
 
 
tests_consolidated
tests_consolidated
 
 
.gitignore
.gitignore
 
 
.pre-commit-config.yaml
.pre-commit-config.yaml
 
 
CHANGELOG.md
CHANGELOG.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
TEST_DOCUMENTATION.md
TEST_DOCUMENTATION.md
 
 
analyze_tests.py
analyze_tests.py
 
 
conftest.py
conftest.py
 
 
coverage_consolidated.xml
coverage_consolidated.xml
 
 
install.sh
install.sh
 
 
main.py
main.py
 
 
mkdocs.yml
mkdocs.yml
 
 
pyproject.toml
pyproject.toml
 
 
pytest.ini
pytest.ini
 
 
pytest_consolidated.ini
pytest_consolidated.ini
 
 
requirements.txt
requirements.txt
 
 
run_tests.py
run_tests.py
 
 
run_tests_consolidated.py
run_tests_consolidated.py
 
 
setup.py
setup.py
 
 
test_analysis_report.py
test_analysis_report.py
 
 
test_edge_cases.py
test_edge_cases.py
 
 
test_main.py
test_main.py
 
 

Repository files navigation

1pass-env

A focused CLI tool for importing environment variables from 1Password items. Quickly and securely import secrets from your 1Password vaults into environment files for your development workflow.

PyPI version Python Support License: MIT

Features

  • 🔐 Secure: Import secrets directly from 1Password using the official SDK
  • 🚀 Simple: One command to import all your environment variables
  • 🎯 Focused: Import exactly what you need with field filtering
  • 📁 Smart: Automatically detects project names from folder structure
  • 🔄 Safe: Confirms before overwriting existing files

Installation

pip install 1pass-env

Prerequisites

Quick Start

  1. Set up your 1Password service account token:

    export OP_SERVICE_ACCOUNT_TOKEN="your-service-account-token"

  2. Import all fields from a 1Password item:

    1pass-env import --name my-app

  3. Import specific fields only:

    1pass-env import --name my-app --fields API_KEY,DATABASE_URL

  4. Use with different vault and custom file:

    1pass-env import --vault production-secrets --name my-app --file .env.prod

Command Reference

import

Import environment variables from an existing 1Password item.

1pass-env import [OPTIONS]

Options:

  • --vault, -v: 1Password vault name to import from (default: 'tokens')
  • --name, -n: Item name in vault (default: current folder name)
  • --fields, -f: Specific fields to import (comma-separated, e.g., API_KEY,SECRET_KEY)
  • --file: Output file name (default: '1pass.env')
  • --debug: Enable debug logging for detailed output

Examples:

# Import all fields from item 'my-app' in 'tokens' vault to '1pass.env'
1pass-env import --name my-app

# Import specific fields only
1pass-env import --name my-app --fields API_KEY,DB_PASSWORD

# Import to a custom file
1pass-env import --name my-app --file .env.production

# Use a different vault
1pass-env import --vault secrets --name my-app

# Enable debug mode to see all details
1pass-env import --name my-app --debug

# Use current folder name as item name (automatic detection)
cd my-awesome-project
1pass-env import  # Looks for item named 'my-awesome-project'

How It Works

1pass-env connects to your 1Password vault using the official SDK and imports secrets into standard environment files:

  • Authentication: Uses a service account token set via OP_SERVICE_ACCOUNT_TOKEN
  • Smart defaults: Uses current folder name as item name if not specified
  • Safe merging: Preserves existing variables when importing to existing files
  • Field filtering: Import only the secrets you need for specific environments

Example Workflow

# Set up authentication
export OP_SERVICE_ACCOUNT_TOKEN="your-token-here"

# Import all development secrets
1pass-env import --vault dev-secrets --name my-project --file .env.dev

# Import only production API keys
1pass-env import --vault prod-secrets --name my-project --fields API_KEY,JWT_SECRET --file .env.prod

# Use the environment files
source .env.dev && npm start
# or with dotenv in your application
python -m dotenv -f .env.prod run python app.py

Generated File Format

# Environment variables imported from 1Password
# Vault: tokens
# Item: my-app
# Generated by 1pass-env

API_KEY="your-api-key-here"
DATABASE_URL="postgresql://user:pass@localhost/db"
JWT_SECRET="your-jwt-secret"

Configuration

Configure using environment variables:

  • OP_SERVICE_ACCOUNT_TOKEN: 1Password service account token (required)

Common Use Cases

Development Environment Setup

# Import shared development secrets
1pass-env import --vault dev-team --name shared-services

# Import project-specific secrets
1pass-env import --name my-project

# Override with local development values
echo "DEBUG=true" >> 1pass.env
echo "PORT=3001" >> 1pass.env

Multi-Environment Deployment

# Import environment-specific secrets
1pass-env import --vault dev-secrets --name myapp --file .env.development
1pass-env import --vault staging-secrets --name myapp --file .env.staging  
1pass-env import --vault prod-secrets --name myapp --file .env.production

# Use with your deployment process
source .env.production && docker-compose up -d

Development

Setup

git clone https://github.com/himakarreddy/1pass-env.git
cd 1pass-env
pip install -e ".[dev]"

Testing

pytest

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Acknowledgments

About

No description or website provided.

Topics

cli environment-variables 1password

Resources

Readme

License

MIT license

Contributing

Contributing
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages