Using 1Password integration from Puppet automation

sshipway
sshipway
Community Member
edited August 2022 in Secrets Automation

This is for the benefit of anyone who uses Puppet to automate systems configuration and deployments, and needs to integrate with 1Password.

I have created a Puppet module (Puppet 6.x) that will use the the 1Password Connect API to retrieve and update secrets from within a Puppet manifest. This can retrieve both secrets and file attachments, and can create/update secrets, using an API key stored on the puppetmaster. There is also a class to allow management of local passwords (e.g. the root password) and automatically rotate this on a set frequency, updating the 1Password secret appropriately. You need to have an up-to-date OP-Connect installed, and the Partydrone 1Password Ruby SDK on your Puppetmaster.

Eventually this will go into PuppetForge but currently it is not quite polished enough, and also requires a patch to the 1Password Ruby SDK for it to work correctly with updates.

If anyone is interested in having a copy (and maybe improving on it), then fork it from github and please let me know.

-Steve

Connect Version: 1.5.2 or later
Ruby SDK Version: Partydrone 0.1.3 with patch or later
OS Version: Linux

Comments

This discussion has been closed.