The 1Password Connect Kubernetes Operator provides the ability to integrate Kubernetes Secrets with 1Password. The operator also handles autorestarting deployments when 1Password items are updated.
✨ Get started
🚀 Quickstart
-
Add the 1Password Helm Chart to your repository.
-
Run the following command to install Connect and the 1Password Kubernetes Operator in your infrastructure:
helm install connect 1password/connect --set-file connect.credentials=1password-credentials-demo.json --set operator.create=true --set operator.token.value = <your connect token>
- Create a Kubernetes Secret from a 1Password item:
apiVersion: onepassword.com/v1
kind: OnePasswordItem
metadata:
name: <item_name> #this name will also be used for naming the generated kubernetes secret
spec:
itemPath: "vaults/<vault_id_or_title>/items/<item_id_or_title>"
To create a list of Kubernetes Secrets from 1Password items, create a yaml file with the following
apiVersion: onepassword.com/v1 kind: OnePasswordItemList items: - metadata: name: <item_name_1> #this name will be used for naming one of the generated kubernetes secrets spec: itemPath: "vaults/<vault_id_or_title>/items/<item_id_or_title>" - metadata: name: <item_name_2> #this name will also be used for naming another of the generated kubernetes secrets spec: itemPath: "vaults/<vault_id_or_title>/items/<item_id_or_title>"
Deploy the OnePasswordItem to Kubernetes:
kubectl apply -f <your_item>.yaml
Check that the Kubernetes Secret has been generated:
kubectl get secret <secret_name>
📄 Usage
Refer to the Usage Guide for documentation on how to deploy and use the 1Password Operator.
💙 Community & Support
- File an issue for bugs and feature requests.
- Join the Developer Slack workspace.
- Subscribe to the Developer Newsletter.
🔐 Security
1Password requests you practice responsible disclosure if you discover a vulnerability.
Please file requests by sending an email to bugbounty@agilebits.com.