Skip to content

Instantly share code, notes, and snippets.

@PurpleBooth

PurpleBooth/1password

Last active Oct 22, 2020
Embed
What would you like to do?
Use sops to cache the one password vault session token because op is horrible to use
#!/usr/bin/env bash
set -euo pipefail
CACHE_DIR="${XDG_CACHE_HOME:-$HOME/Library/Caches}/wrapper-1password"
CACHE_FILE="$CACHE_DIR/session-token.yaml"
OP_LOCATION="$(command -v op)"
mkdir -p "$CACHE_DIR"
function run_op() {
EXEC_COMMAND=(
"$OP_LOCATION"
"--session"
"\$data"
"$@"
)
sops exec-env \
"$CACHE_FILE" \
"${EXEC_COMMAND[*]}"
}
# Check token still valid
if [ -f "$CACHE_FILE" ] ; then
ERROR=$(run_op list vaults 2>&1 >/dev/null)
if [[ $ERROR == *"You are not currently signed in."* ]]; then
rm "$CACHE_FILE"
fi
fi
# Login
if ! [ -f "$CACHE_FILE" ] ; then
op signin op-wrapper --raw | sops --encrypt /dev/stdin > "$CACHE_FILE"
fi
# Run original command
run_op "$@"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment