Feature request: basic filters for `op inject`

leonbooot

I've been having a go at injecting secrets into config files using the op inject CLI command, which is nice, but I'm already running into some problems. What I'm running in to right now is a way to indent secrets that have multi-line values. For instance, I'd like to inject a Google Service Account JSON key into my YAML config:

my_config:
  gcs:
    service_account_key: |
      {{ op://my-secret/gcs_service_account_key }}

This will result in malformed YAML:

my_config:
  gcs:
    service_account_key: |
      {
  "type": "service_account",
  "project_id": "myproject-12345",
  [...]
}

It would be really nice if the op inject command would support basic filters, for instance to fix the indentation:

my_config:
  gcs:
    service_account_key: |
      {{ op://my-secret/gcs_service_account_key | indent }} # autodetect indentation

or:

my_config:
  gcs:
    service_account_key: |
{{ op://my-secret/gcs_service_account_key | indent 6 }} # specify the exact indentation

I'm sure there are many other useful filters (like base64 for instance).

---

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

mmorejon

I'm facing the same issue. Do you have a workaround?

mmorejon

A workaround is to create a script adding the space needed at the beginning of each line.

#!/bin/sh

# the script read line by line adding two spaces when the line doesn't start with the value:
# - vault_: for variables
# - -----BEGIN: for certificates
while IFS= read -r line
do
  if [[ "$line" == "vault_"* ]] || [[ "$line" == "  -----BEGIN"* ]]
  then
    echo "$line" >> tmp.yml
  else
    echo "  $line" >> tmp.yml
  fi
done < "$1"

# replace current content with the new YAML file formatted
mv tmp.yml $1