Default/fallback values for injection and ignoring unresolvable secret references

parhamu
parhamu
Community Member

I am implementing secret management for our application and using op inject in the CI/CD pipeline (BitBucket) to inject secrets into a template. We have different environments (prod, staging, ...) and there are some shared secrets and some that are specific to some environments.

I have a vault for the common secrets and also separate vaults for each of the environments.

I would like to use a single secrets template/list for all environments and I am hoping that there is a way for the inject command to ignore secret references that it cannot resolve rather than stopping and throwing an error, and ideally make the unresolvable ones to fall back to a default value or another secret reference (from the common vault).

Is this something possible with the currently available features?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

This discussion has been closed.