Feature request: mount secrets as file, or `op mount`

lxdlam
lxdlam
Community Member

The CLI often involves managing numerous configurations, many of which are file-based. Currently, to create such files, we use commands like op read to retrieve the secret and then redirect it to a file, or op inject to generate these configurations. However, given the prevalence of file-based configurations, directly mounting a secret as a plaintext file would be both more user-friendly and secure. This approach eliminates the manual handling of files, which often leads to oversight in cleanup.

Mounting secrets directly as files would be beneficial in various scenarios, including:

  • For custom tools involving SSH public and private keys: For instance, loading a temporary key from op without the need to save it in ~/.ssh.
  • For kubectl: Directly proxying reads from ~/.kube/config to op would simplify Kubernetes cluster management. (I know there are other auth methods for kubectl like OIDC)

To the best of my knowledge, implementing custom file access could involve integrating FUSE or custom sockets. However, this should be a feasible task. Please consider adding this functionality.


1Password Version: 8.10.28
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

This discussion has been closed.