Using 1Password integration from Puppet automation

sshipwaysshipway
Community Member
edited August 8 in Secrets Automation

This is for the benefit of anyone who uses Puppet to automate systems configuration and deployments, and needs to integrate with 1Password.

I have created a Puppet module (Puppet 6.x) that will use the the 1Password Connect API to retrieve and update secrets from within a Puppet manifest. This can retrieve both secrets and file attachments, and can create/update secrets, using an API key stored on the puppetmaster. There is also a class to allow management of local passwords (e.g. the root password) and automatically rotate this on a set frequency, updating the 1Password secret appropriately. You need to have an up-to-date OP-Connect installed, and the Partydrone 1Password Ruby SDK on your Puppetmaster.

Eventually this will go into PuppetForge but currently it is not quite polished enough, and also requires a patch to the 1Password Ruby SDK for it to work correctly with updates.

If anyone is interested in having a copy (and maybe improving on it), then fork it from github and please let me know.

-Steve


Connect Version: 1.5.2 or later
Ruby SDK Version: Partydrone 0.1.3 with patch or later
OS Version: Linux

Comments

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file