/load-secrets-action

Load secrets from 1Password into your GitHub Actions jobs

Primary LanguageShellMIT LicenseMIT

Load Secrets from 1Password - GitHub Action

Provide the secrets your GitHub runner needs from 1Password.

Get started

load-secrets-action loads secrets from 1Password into GitHub Actions using Service Accounts or 1Password Connect.

Specify in your workflow YAML file which secrets from 1Password should be loaded into your job, and the action will make them available as environment variables for the next steps.

Read more on the 1Password Developer Portal.

🪄 See it in action!

Using 1Password Service Accounts with GitHub Actions - showcase

✨ Quickstart

on: push
jobs:
  hello-world:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - name: Load secret
        uses: 1password/load-secrets-action@v1
        with:
          # Export loaded secrets as environment variables
          export-env: true
        env:
          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
          SECRET: op://app-cicd/hello-world/secret

      - name: Print masked secret
        run: echo "Secret: $SECRET"
        # Prints: Secret: ***

💙 Community & Support

🔐 Security

1Password requests you practice responsible disclosure if you discover a vulnerability.

Please file requests via BugCrowd.

For information about security practices, please visit the 1Password Bug Bounty Program.