3.8 KiB
3.8 KiB
description, argument-hint
| description | argument-hint |
|---|---|
| Add a new environment variable to .env.1password template and optionally to 1Password | <VAR_NAME> [op-reference-or-value] |
You are tasked with adding a new environment variable to the .env.1password template file and optionally creating or updating the corresponding secret in 1Password.
Instructions:
-
Parse arguments:
- First argument (required): The variable name (e.g.,
API_KEY) - Second argument (optional): Either:
- A 1Password reference like
op://Private/myapp/api_key - A value to be stored in 1Password
- If not provided, ask the user for input
- A 1Password reference like
- First argument (required): The variable name (e.g.,
-
Check for .env.1password: Look for the template file in the current working directory.
- If it doesn't exist, ask if the user wants to create it (and offer to run
/claude-1password:env-initif a.envexists)
- If it doesn't exist, ask if the user wants to create it (and offer to run
-
Check if variable already exists:
- If the variable name already exists in
.env.1password, ask if they want to update it - Show the current value/reference before updating
- If the variable name already exists in
-
Determine the 1Password reference:
Option A: If the second argument looks like a 1Password reference (
op://...):- Use it as-is
- Verify it's valid by trying
op read "reference"(optional, warn if it fails)
Option B: If the second argument is a value (not starting with
op://):- Ask the user for the 1Password item details:
- Vault name (default: "Private")
- Item name (suggest based on project or existing pattern)
- Field name (default: variable name in lowercase)
- Offer to create the item/field in 1Password using the CLI:
Or if the item exists, update it:
op item create --category=password --title="item-name" \ --vault="vault-name" field-name="value"op item edit "item-name" --vault="vault-name" field-name="value" - Construct the reference:
op://vault/item/field
Option C: If no second argument provided:
- Ask the user whether they want to:
- Provide an existing 1Password reference
- Provide a value to store in 1Password
- Leave it as a placeholder for manual editing later
-
Update .env.1password:
- Add the new variable in the format:
VAR_NAME=op://vault/item/field - Optionally add a comment above it if the user wants to document it
- Maintain alphabetical order or append to the end (ask user preference)
- Add the new variable in the format:
-
Optionally update .env:
- Ask if they want to immediately sync to
.envby running/claude-1password:env-sync - Or just update
.env.1passwordfor now
- Ask if they want to immediately sync to
-
Output summary: Show the user:
- The variable that was added:
VAR_NAME=op://... - Whether it was also created/updated in 1Password
- Next steps (e.g., "Run
/claude-1password:env-syncto update your.envfile")
- The variable that was added:
Examples:
Example 1: Add with existing 1Password reference
/claude-1password:env-add NEW_API_KEY op://Private/myapp/new_api_key
Result in .env.1password:
NEW_API_KEY=op://Private/myapp/new_api_key
Example 2: Add with a new value
/claude-1password:env-add STRIPE_KEY sk_test_abc123
You would then:
- Ask for vault/item/field details (or use smart defaults)
- Create/update in 1Password
- Add to
.env.1passwordwith the generated reference
Example 3: Add placeholder for manual editing
/claude-1password:env-add DATABASE_PASSWORD
You would prompt for what to do, and potentially add:
DATABASE_PASSWORD=op://Private/myapp/database_password
Error Handling:
- If 1Password CLI is not installed or not authenticated, warn the user but still allow adding to
.env.1passwordas a placeholder - If variable name is invalid (contains spaces, special chars except
_), suggest a corrected name - If 1Password operation fails, show the error but still update the template file