Feature Request: Item Files #132

Open
bloudraak opened this issue Jan 13, 2024 · 1 comment · May be fixed by #164
Labels
enhancement New feature or request


bloudraak commented Jan 13, 2024

Summary

The ability to create, delete, read and list files attached to an item.

Use cases

As part of automation, we obtain certificates from a certificate vendor. However, we need to store the private key in a secure location. The certificate vendor cannot access the private key at any point. We also need to keep the public key and certificate chain. We often store that information on the host (if the certificates are tied to a specific host) or in its own item when the domain is broad.

Later on, when we provision infrastructure, we need to retrieve the certificates to add them to hosts, etc., securely.

Proposed solution

Introduce a new data source and resource:

# Read one file attached to an item
data "onepassword_file" "this" {
  item = "<itemuuid>"
  name = "private.key"
}

# Data sources are referenced with the "data." prefix
resource "local_file" "demo" {
  content  = jsonencode(data.onepassword_file.this.content)
  filename = "demo.json"
}

# Attach a file to an item
resource "onepassword_file" "that" {
  item    = "<itemuuid2>"
  field   = "field1"
  content = file("private.key")
}

Also introduce a data source to retrieve all files attached to an item, which returns its metadata (name, etc.), but not the contents.

# lists the files attached to the item (metadata only)
data "onepassword_files" "this" {
  item = "<itemuuid>"
}

# gets the contents of each file on the item
data "onepassword_file" "this" {
  for_each = data.onepassword_files.this.files
  item     = each.value.item
  field    = each.value.id
}

The reason this is separate is because their lifecycle may be different than that of the item they belong to. For example, the public key of a certificate or a license file for a given host may change every year, while the item they belong to remains untouched.

Is there a workaround to accomplish this today?

References & Prior Work

For the "pattern" see the following:

Data Sources:

Resources:

Implementation:

@bloudraak bloudraak changed the title Feature Request Feature Request: Item Files Jan 13, 2024
@volodymyrZotov volodymyrZotov added the enhancement New feature or request label Jan 17, 2024
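
An added example, not part of the original issue or the provider's code: one way the proposed data source could be consumed when the attachment is a private key. The `onepassword_file` data source and its `item`, `name` and `content` attributes are the schema proposed in this issue (an assumption, not a released provider API); `local_sensitive_file` is from the hashicorp/local provider, and the resource names and file path are illustrative.

```hcl
# Assumption: "onepassword_file" is the data source proposed in this issue;
# item/name/content follow the proposal, not a released provider API.
data "onepassword_file" "tls_key" {
  item = "<itemuuid>"
  name = "private.key"
}

# Weaker form, as in the issue's demo: local_file defaults to
# file_permission "0777" and does not treat content as sensitive.
#
# resource "local_file" "tls_key" {
#   content  = data.onepassword_file.tls_key.content
#   filename = "${path.module}/private.key"
# }

# Hardened form: local_sensitive_file redacts content in plan output,
# and file_permission restricts the key to its owner.
resource "local_sensitive_file" "tls_key" {
  content         = data.onepassword_file.tls_key.content
  filename        = "${path.module}/private.key"
  file_permission = "0600"
}

# Expose only the path, never the key material itself.
output "tls_key_path" {
  value = local_sensitive_file.tls_key.filename
}
```

Either form still records the key material in Terraform state, so the state backend needs encryption at rest and restricted access.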
@volodymyrZotov
Collaborator

Thanks for raising!👍 We'll consider this for future releases!

asgeirn added a commit to asgeirn/terraform-provider-onepassword that referenced this issue Apr 29, 2024
@asgeirn asgeirn linked a pull request May 1, 2024 that will close this issue