Comment by supriyo-biswas

2 days ago

My current employer uses 1password and it has a couple of nifty features like "vaults" shared with a group of people, an "op run" command to inject secrets using a .env file, service accounts to fetch passwords in CI, etc.

4 comments

supriyo-biswas

conception 2 days ago

It has dev environments now too! https://developer.1password.com/docs/environments/

diggan 1 day ago
Sounded nice, but I'm not sure what this actually adds. I'm currently using 1Password for doing "environments", but it's all using the existing `op` CLI.
So adding a new collaborator to the project would involve adding them to the vault, then there is a shell script in the project that uses the CLI to write a new `.env` depending on the values from `op`.
Seems like this new environment stuff wouldn't add anything compared to such setup, at least today, is that fair? Seems to be even more manual and require copy-pasting, unless I misunderstand what the feature actually is.
- conception 17 hours ago
  
  Yeah, I think the idea is instead of writing a .env you would, perhaps eventually, have a command like op that just loads the environment whole cloth. But you probably won't get much value out of that today.
saleCz 14 hours ago

for a complete solution to dev envs and production secret management I use Envie https://github.com/ilmari-h/envie it's like a drop in replacement for traditional env files