Command line tool for automation

jeremybrooks
jeremybrooks
Community Member

Hi,
We are evaluating 1Password for company use. One of the use cases would be to give automated tests access to secrets in a vault. Is there a way to generate a persistent token for a specific vault that we could use for automated tests? So far everything seems to expire in 30 minutes, which would be fine for automating things like deployments where there is a human kicking it off who can enter a master password, but for automated testing that won't work.

op version is 0.5.4


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @jeremybrooks: I've moved your post to the CLI beta category of the forum so the team working on that will see it. Can you tell me more about the specific behaviour you're looking for? Perhaps it's something we can add in a future release, as we continue to develop the CLI app. :)

  • ag_konstantin
    ag_konstantin
    1Password Alumni

    Hi @jeremybrooks ,

    Thank you for reaching out! While you cannot at the moment extend your authentication session, you can still automate the task of signing in.

    You could do the first manual authorization to create the configuration set:
    op signin <signinaddress> <emailaddress> <secretkey>
    ... or if you expect to be signing in to multiple accounts:
    op signin <signinaddress> <emailaddress> <secretkey> --shorthand=myaccount1
    ... where myaccount1 is an arbitrary string.

    That would allow subsequent automated sign-ins in following manner:
    eval $(echo "my master password" | op signin)
    ... or
    eval $(echo "my master password" | op signin myaccount1)
    ... respectively.

    Please note that, echo is used here only for a sake of an example and is not recommended to use in production.

    Once successfully authenticated, you can proceed to retrieve your secrets.

    Kind regards,
    Konstantin

  • jeremybrooks
    jeremybrooks
    Community Member

    Thanks for the quick response. That will probably work; we will have to figure out a way to secure the passphrase so it's not stored in cleartext in the automated tests, but I think we have a way to do that now.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Sounds good. We're here if you need us! :) :+1:

This discussion has been closed.