Use sops to cache the one password vault session token because op is horrible to use

1password

#!/usr/bin/env bash

set -euo pipefail


CACHE_DIR="${XDG_CACHE_HOME:-$HOME/Library/Caches}/wrapper-1password"
CACHE_FILE="$CACHE_DIR/session-token.yaml"
OP_LOCATION="$(command -v op)"

mkdir -p "$CACHE_DIR"

function run_op() {
    EXEC_COMMAND=(
      "$OP_LOCATION"
      "--session"
      "\$data"
      "$@"
    )

    sops exec-env \
      "$CACHE_FILE" \
      "${EXEC_COMMAND[*]}"
}

# Check token still valid
if [ -f "$CACHE_FILE" ] ; then
  ERROR=$(run_op list vaults 2>&1 >/dev/null)

  if [[ $ERROR == *"You are not currently signed in."* ]]; then
    rm "$CACHE_FILE"
  fi
fi

# Login
if ! [ -f "$CACHE_FILE" ] ; then
  op signin op-wrapper --raw  | sops --encrypt /dev/stdin > "$CACHE_FILE"
fi

# Run original command
run_op "$@"