1password support for xonsh shell. This approach ensures your sensitive information remains secure while being easily accessible in your xonsh shell.

If you like the idea click ⭐ on the repo and tweet.

To install use pip:

xpip install xontrib-1password
# or: xpip install -U git+/~https://github.com/drmikecrowe/xontrib-1password

The xontrib will get loaded automatically.

Store your passwords in 1Password and setup op CLI locally. Then:

mykey = OnePass("op://path/my/key")
echo @(mykey)
# my-key-value

$MYKEY = OnePass("op://path/my/key")
echo $MYKEY
# my-key-value

env | grep MYKEY
# MYKEY=my-key-value

To disable autoloading:

$XONTRIBS_AUTOLOAD_DISABLED = ["1password", ]

To turn off:

$XONTRIB_1PASSWORD_ENABLED = False
$MYKEY = OnePass("op://path/my/key")
$MYKEY
# op://path/my/key

Because of the URL is basically op://<Vault>/<title>/<field> to find this, here's the commands you can use to determine these fields:

op item list --format json | jq '.[].title | select(. | contains("OpenAI"))' 
# "OpenAI-API-Key"
op item get OpenAI-API-Key --format json | jq '.fields[] | select(.type == "CONCEALED") | .label'
# "api-key"

$XONTRIB_1PASSWORD_DEBUG = True

You can set $XONTRIB_1PASSWORD_CACHE to string:

• not_empty (default) - cache not empty values.
• all - cache all values.
• off - disable caching.

If you disable cache (i.e. $XONTRIB_1PASSWORD_CACHE='off') in case of $MYVAR = OnePass(...) every time the shell read the env variables list the value will be requested from OnePassword and it takes time.

• activate pre-commit hooks

# install pre-commit plugins and activate the commit hook
pre-commit install
pre-commit autoupdate

• Bump the version of your package.
• Create a GitHub release (The release notes are automatically generated as a draft release after each push).
• And publish with poetry publish --build or twine

This package was created with xontrib template.