Go to file

dependabot[bot] 6f52eddca2 Bump js-yaml

Bumps  and [js-yaml](https://github.com/nodeca/js-yaml). These dependencies needed to be updated together.

Updates `js-yaml` from 4.1.0 to 4.1.1
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1)

Updates `js-yaml` from 3.14.1 to 3.14.2
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 4.1.1
  dependency-type: indirect
- dependency-name: js-yaml
  dependency-version: 3.14.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

2025-12-16 17:50:27 +00:00

.github/workflows

Do not ignore tests dir

2025-12-15 09:56:42 -06:00

config

Migrate action to Typescript (#36 )

2024-02-21 17:38:38 +01:00

configure

Introduce build:all command that bundles both configure and load-secrets-action. Remove type: "module" from package.json so ncc builds CommonJS configure action which is required

2025-08-13 11:59:45 -05:00

dist

Use op-cli-installed as local package

2025-12-15 13:45:09 -06:00

docs

Fix formatting

2025-12-15 08:46:32 -06:00

src

Use execFile to run safily pass arguments

2025-12-16 10:29:54 -06:00

tests

Remove env.tpl file, as it will be created in the test workflow automatically

2025-12-12 14:23:30 -06:00

.gitignore

Update git ignore

2025-12-12 14:52:23 -06:00

action.yml

Set export-env input to false by default

2025-08-13 17:03:58 -05:00

CONTRIBUTING.md

Add lint to workflow (#88 )

2024-12-17 11:05:12 +01:00

LICENSE

Add MIT license

2021-05-20 21:05:11 +02:00

package-lock.json

Bump js-yaml

2025-12-16 17:50:27 +00:00

package.json

Use op-cli-installed as local package

2025-12-15 13:45:09 -06:00

README.md

Fixed typo in README

2025-09-03 12:45:43 +02:00

tsconfig.json

Migrate action to Typescript (#36 )

2024-02-21 17:38:38 +01:00

README.md

Load Secrets from 1Password - GitHub Action

Provide the secrets your GitHub runner needs from 1Password.

load-secrets-action loads secrets from 1Password into GitHub Actions using Service Accounts or 1Password Connect.

Specify in your workflow YAML file which secrets from 1Password should be loaded into your job, and the action will make them available as environment variables for the next steps.

Read more on the 1Password Developer Portal.

🪄 See it in action!

✨ Quickstart

Export secrets as a step's output (recommended)

on: push
jobs:
  hello-world:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Load secret
        id: load_secrets
        uses: 1password/load-secrets-action@v3
        env:
          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
          SECRET: op://app-cicd/hello-world/secret
          OP_ENV_FILE: "./path/to/.env.tpl" # see tests/.env.tpl for example

      - name: Print masked secret
        run: 'echo "Secret: ${{ steps.load_secrets.outputs.SECRET }}"'
        # Prints: Secret: ***

Export secrets as env variables

on: push
jobs:
  hello-world:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Load secret
        uses: 1password/load-secrets-action@v3
        with:
          # Export loaded secrets as environment variables
          export-env: true
        env:
          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
          SECRET: op://app-cicd/hello-world/secret
          OP_ENV_FILE: "./path/to/.env.tpl" # see tests/.env.tpl for example

      - name: Print masked secret
        run: 'echo "Secret: $SECRET"'
        # Prints: Secret: ***

💙 Community & Support

File an issue for bugs and feature requests.
Join the Developer Slack workspace.
Subscribe to the Developer Newsletter.

🔐 Security

1Password requests you practice responsible disclosure if you discover a vulnerability.

Please file requests by sending an email to bugbounty@agilebits.com.