op run
This core insight — that configuration should be separate from code — led to the widespread adoption of
.envfiles.[…]
You add this file to
.gitignoreto keep it out of version control, and load these variables into your environment at runtime with a tool or library.[…]
oplets you manage 1Password from the command-line. You can do all the CRUD operations you’d expect for items in your vault. But its killer features is theop runsubcommand, which can dynamically inject secrets from your 1Password vault into your application’s environment.Instead of storing sensitive values directly in your
.envfile, you reference them using specialop://URLs[…]
It’s great to see NSHipster back after a five-year hiatus.
1 Comment RSS · Twitter · Mastodon
Cool to see that the idea of using URIs for this stuff is catching on. Not sure why it needs to be 1Password, I personally use the Keychain, for example to store blogger credentials and tokens.
#!env st
#-blogger
scheme:https setHeaders: #{ Content-Type: 'application/json' }.
scheme:https setAccessToken: keychain:password/blogger.com/access_token stringValue.
blogid ← '8397311766319215218'.
theRef ← ref:https://www.googleapis.com/blogger/v3/blogs/{blogid}/
scheme:blogger ← theRef asScheme
shell runInteractiveLoop.
