Follow-up to PR #883 (arceus77-7): - Add setup.collect_secrets for OP_SERVICE_ACCOUNT_TOKEN so the skill prompts users to configure their token on first load - Fix broken code examples: garbled op run export line, truncated secret reference in cli-examples.md - Add Authentication Methods section documenting all 3 auth flows (service account, desktop app, connect server) with service account recommended for Hermes - Clarify tmux pattern is only needed for desktop app flow, not service account token flow - Credit original author (arceus77-7) in frontmatter - Add DESCRIPTION.md for security/ category Co-authored-by: arceus77-7 <arceus77-7@users.noreply.github.com>
32 lines
550 B
Markdown
32 lines
550 B
Markdown
# op CLI examples
|
|
|
|
## Sign-in and identity
|
|
|
|
```bash
|
|
op signin
|
|
op signin --account my.1password.com
|
|
op whoami
|
|
op account list
|
|
```
|
|
|
|
## Read secrets
|
|
|
|
```bash
|
|
op read "op://app-prod/db/password"
|
|
op read "op://app-prod/npm/one-time password?attribute=otp"
|
|
```
|
|
|
|
## Inject secrets
|
|
|
|
```bash
|
|
echo "api_key: {{ op://app-prod/openai/api key }}" | op inject
|
|
op inject -i config.tpl.yml -o config.yml
|
|
```
|
|
|
|
## Run command with secrets
|
|
|
|
```bash
|
|
export DB_PASSWORD="op://app-prod/db/password"
|
|
op run -- sh -c '[ -n "$DB_PASSWORD" ] && echo "DB_PASSWORD is set"'
|
|
```
|