1Password/onepassword-operator
1
0
Fork 0
mirror of https://github.com/1Password/onepassword-operator.git synced 2025-10-22 15:38:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use 1Password Client to initialize operator either with Connect or Service Accounts

Browse Source
This commit is contained in:
Volodymyr Zotov
2025-05-29 17:23:49 -05:00
parent 432f2c6cf6
commit 1498c223a5
8 changed files with 56 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
pkg/onepassword/items.go
View File

@@ -4,36 +4,36 @@ import (
"fmt"
"strings"
"github.com/1Password/connect-sdk-go/connect"
"github.com/1Password/connect-sdk-go/onepassword"
logf "sigs.k8s.io/controller-runtime/pkg/log"
opclient "github.com/1Password/onepassword-operator/pkg/onepassword/client"
"github.com/1Password/onepassword-operator/pkg/onepassword/model"
)
var logger = logf.Log.WithName("retrieve_item")
func GetOnePasswordItemByPath(opConnectClient connect.Client, path string) (*onepassword.Item, error) {
vaultValue, itemValue, err := ParseVaultAndItemFromPath(path)
func GetOnePasswordItemByPath(opClient opclient.Client, path string) (*model.Item, error) {
vaultIdentifier, itemIdentifier, err := ParseVaultAndItemFromPath(path)
if err != nil {
return nil, err
}
vaultId, err := getVaultId(opConnectClient, vaultValue)
vaultID, err := getVaultID(opClient, vaultIdentifier)
if err != nil {
return nil, err
}
itemId, err := getItemId(opConnectClient, itemValue, vaultId)
itemID, err := getItemID(opClient, vaultID, itemIdentifier)
if err != nil {
return nil, err
}
item, err := opConnectClient.GetItem(itemId, vaultId)
item, err := opClient.GetItemByID(itemID, vaultID)
if err != nil {
return nil, err
}
for _, file := range item.Files {
_, err := opConnectClient.GetFileContent(file)
_, err := opClient.GetFileContent(vaultID, itemID, file.ID)
if err != nil {
return nil, err
}
@@ -50,7 +50,7 @@ func ParseVaultAndItemFromPath(path string) (string, string, error) {
return "", "", fmt.Errorf("%q is not an acceptable path for One Password item. Must be of the format: `vaults/{vault_id}/items/{item_id}`", path)
}
func getVaultId(client connect.Client, vaultIdentifier string) (string, error) {
func getVaultID(client opclient.Client, vaultIdentifier string) (string, error) {
if !IsValidClientUUID(vaultIdentifier) {
vaults, err := client.GetVaultsByTitle(vaultIdentifier)
if err != nil {
@@ -75,7 +75,7 @@ func getVaultId(client connect.Client, vaultIdentifier string) (string, error) {
return vaultIdentifier, nil
}
func getItemId(client connect.Client, itemIdentifier string, vaultId string) (string, error) {
func getItemID(client opclient.Client, vaultId, itemIdentifier string) (string, error) {
if !IsValidClientUUID(itemIdentifier) {
items, err := client.GetItemsByTitle(itemIdentifier, vaultId)
if err != nil {