Why?
- You don't have to store API keys and other sensitive variables in .env files that may be accidentally pushed to github, be recovered from backups, etc.
- Your API keys are available on any computer you have 1Password installed (if you have enabled 1Password sync).
You can read more and find more advanced uses of the 1Password CLI here.
First, install the 1Password CLI.
Next, add this code to your ~/.zsh, or ~/.bashrc, or the corresponding rc file for your environment.
op_env() {
$(echo export $1=op://Personal/$1/credential | op inject)
}
Note
The code above assumes that the 1Password vault you are using is called "Personal". Adjust accordingly.
Make sure you start a new shell to activate the new function. Now, open 1Password and create an "API Credential".
Set the name to the name of the env variable you want to save and credential to the value.
Save the item.
In your terminal type
$ op_env TEST_API_KEY # 1Pass authentication will pop-up
$ echo $TEST_API_KEY
1234567890