@launchpadlab/opensesame

Opensesame CLI

A simple command line interface to store and share non-version controlled application secrets files within the 1Password vault structure.

The recommended approach is to invoke opensesame directly from the command line to simplify to a more universally supported developer experience across codebases.

Setup Instructions

• npm install @launchpadlab/opensesame -g

Recommended: Non-NPM

• If a package.json file is not used for a given project (or not preferred to be used), you can use a direct initial invocation of the CLI by running opensesame in your terminal. This will generate a .opensesamerc file to persist the project specific variables.
• It is recommended to run opensesame to invoke this CLI tool going forward within this project.

Legacy: NPM

• npm install @launchpadlab/opensesame -g
• Within your project, ensure a npm command in the package.json file exists for load_secrets: opensesame -d XXX -v XXX -f XXX. If one is not present, add it within the scripts key. For this command -d refers to the document_id in 1Password, -v refers to the vault_id in 1Password, -f refers to the local file_path where the secrets file is located.

{
  ...
  "scripts": {
    ...,
    "load_secrets": "opensesame -d XXX -v XXX -f XXX"
  }
  ...
}

• If you know the values for -d -v or -f, please insert those values if not already set. Otherwise the CLI tool will guide you through how to set those.
• Run the command npm run load_secrets and follow on-screen instructions

FAQs

• This CLI tool can be used to sync any non-version controlled file into 1Password. Typically this is a .env or application.yml file. However, it can also be used with rails credentials to be used to sync the *.key file that is not version controlled.
• To interact with 1Password directly, you can reference their documentation.

Maintainers Only: Publish Command

• npm publish