signin
op signin
vault create
op vault create foo
vault list
$ op vault list --format json
[
{
"id": "xxxx",
"name": "Personal",
"content_version": 1
},
{
"id": "yyyy",
"name": "foo",
"content_version": 2
}
]
item create
op item create --vault foo --title bar --category SecureNote 'default.hoge=fuga'
item edit (put field)
op item edit --vault foo bar 'default.hoge=FUGA'
item edit (remove field)
op item edit --vault foo bar 'default.hoge[delete]'
item get
$ op item get --format json --vault foo bar
{
"id": "xxxx",
"title": "bar",
"version": 4,
"vault": {
"id": "xxxx",
"name": "foo"
},
"category": "SECURE_NOTE",
"last_edited_by": "xxxx",
"created_at": "2022-07-14T00:07:28Z",
"updated_at": "2022-07-14T00:08:52Z",
"sections": [
{
"id": "Section_xxxx",
"label": "default"
}
],
"fields": [
{
"id": "notesPlain",
"type": "STRING",
"purpose": "NOTES",
"label": "notesPlain",
"reference": "op://foo/bar/notesPlain"
},
{
"id": "xxxx",
"section": {
"id": "Section_xxxx",
"label": "default"
},
"type": "CONCEALED",
"label": "hoge",
"value": "FUGA",
"reference": "op://foo/bar/default/hoge"
}
]
}
$ op item get --format json --vault foo bar | jq '.fields[] | select(.label != null and .value != null) | {key: .label, value: .value}' | jq -s 'from_entries'
{
"fizz": "buzz"
}
op item get --format json --vault foo bar | jq -r '.fields[] | select(.label != null and .value != null) | {key: .label, value: .value} | "\\(.key)=\\"\\(.value)\\""'
run with values as environment variables
$ cat .env
HOGE=op://foo/bar/default/hoge
$ op run --env-file=.env --no-masking -- printenv HOGE
FUGA
inject values to file
$ cat config.tmpl.yml
HOGE: op://foo/bar/default/hoge
$ op inject -i config.tmpl.yml -o config.yml
/Users/lambdasawa/src/github.com/lambdasawa/lambdasawa/sandbox/op-cli/config.yml
$ cat config.yml
HOGE: FUGA
set values to GitHub Actions Secret
$ cat .env
HOGE=op://foo/bar/default/hoge
$ op inject -i .env -o .env.injected
$ gh secret set -f .env.injected