This action sets up the 1Password CLI, op, on GitHub Actions runners.
This action will install and expose a specified version of the gh CLI on the runner environment and will setup the authentication using a Service Account.
1Password provides a load-secrets-action which installs the op tool and can load environment secrets, but it has some flaws:
- It does not support a specific version of the
opCLI - It does not support the ARM version of the
opCLI (made a PR for this, but it was not yet merged) - It does not use the tool cache which slows down usage of the action
- It does not expose the
opCLI to the runner environment so you cannot use it in a different way than designed - Launching a dozen runners with a dozen secrets each will hit your rate limits very soon, this action allows you to use
op injectto write env files bypassing this rate limit
Setup the op CLI:
steps:
- uses: settlemint/[email protected]
with:
service-account-token: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}A specific version of the op CLI can be installed:
steps:
- uses: settlemint/[email protected]
with:
version: 2.18.0
service-account-token: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}The actions supports the following inputs:
version: The version ofopto install, defaulting to2.18.0
Based off the example action by Github which is MIT licensed.