-
Notifications
You must be signed in to change notification settings - Fork 59
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support Service Accounts #160
Comments
Go SDK would be huge for integrations. |
Hey there. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
With Service Account functionality now released, will this be supported in the 1Password Operator? This would allow the operator to be used without the Connect server.
Use cases
Running an Operator to automatically generate and update Kubernetes secrets from 1Password items. Basically, same use case as always, just doing so without having to provision a Connect server in the same cluster.
Proposed solution
Support the
OP_SERVICE_ACCOUNT_TOKEN
environment variable used to authenticate against a service account. Resolution of 1Password items would then use the service account token to communicate directly with 1Password rather than using the Connect server.Is there a workaround to accomplish this today?
The only option I'm currently aware of is to run a private Connect server which consumes cluster resources.
References & Prior Work
I'm pretty sure the Kubernetes Secret Injector for 1Password supports this as does the
op
CLI tool. It would be useful if the various SDKs and this Operator would also support service accounts.The text was updated successfully, but these errors were encountered: