About onepassword-operator

The 1Password Connect Kubernetes Operator provides the ability to integrate Kubernetes Secrets with 1Password. The operator also handles autorestarting deployments when 1Password items are updated.

1

Published by

1Password

Visit View Profile

README.md

View on GitHub

1Password Connect Kubernetes Operator

Integrate 1Password Connect with your Kubernetes Infrastructure

The 1Password Connect Kubernetes Operator provides the ability to integrate Kubernetes Secrets with 1Password. The operator also handles autorestarting deployments when 1Password items are updated.

This project is licensed under MIT. Use of the 1Password APIs and services accessed through these tools is governed by the 1Password API Terms of Service.

✨ Get started

🚀 Quickstart

Add the 1Password Helm Chart to your repository.
Run the following command to install Connect and the 1Password Kubernetes Operator in your infrastructure:

helm install connect 1password/connect --set-file connect.credentials=1password-credentials-demo.json --set operator.create=true --set operator.token.value = <your connect token>

Create a Kubernetes Secret from a 1Password item:

apiVersion: onepassword.com/v1
kind: OnePasswordItem
metadata:
  name: <item_name> #this name will also be used for naming the generated kubernetes secret
spec:
  itemPath: "vaults/<vault_id_or_title>/items/<item_id_or_title>"

To create a list of Kubernetes Secrets from 1Password items, create a yaml file with the following

apiVersion: onepassword.com/v1
kind: OnePasswordItemList
items:
  - metadata:
      name: <item_name_1> #this name will be used for naming one of the generated kubernetes secrets
    spec:
      itemPath: "vaults/<vault_id_or_title>/items/<item_id_or_title>"
  - metadata:
      name: <item_name_2> #this name will also be used for naming another of the generated kubernetes secrets
    spec:
      itemPath: "vaults/<vault_id_or_title>/items/<item_id_or_title>"

Deploy the OnePasswordItem to Kubernetes:

kubectl apply -f <your_item>.yaml

Check that the Kubernetes Secret has been generated:

kubectl get secret <secret_name>

📄 Usage

Refer to the Usage Guide for documentation on how to deploy and use the 1Password Operator.

💙 Community & Support

File an issue for bugs and feature requests.
Join the Developer Slack workspace.
Subscribe to the Developer Newsletter.

🔐 Security

1Password requests you practice responsible disclosure if you discover a vulnerability.

Please file requests by sending an email to [email protected].

onepassword-operator