1Password Integration for Agent Secrets
Status: Partially implemented — env references, console picker, workspace op_account, and Claude-token writes are shipped; read-only secret file mounts remain future work
Canonical Docs For Shipped Behavior
- Environment Variables — operator-facing op:// env values, scopes, and launch diagnostics.
- Authentication — how 1Password-backed values feed auth modes.
- Claude Token Orchestrator — contributor details for Claude-token 1Password writes and validation.
This roadmap item no longer repeats shipped op:// env behavior. Keep shipped details in the standard docs above.
Remaining Work
Agents sometimes need credentials as files rather than environment variables, for example SSH keys, kubeconfigs, or cloud-provider config files. Today those still require explicit mounts or project-specific setup.
Future work: add a first-class read-only secret file mechanism, likely a workspace-scoped config shape such as [workspaces.*.op_files], that resolves selected 1Password fields into temporary files and mounts them read-only into the container.
Constraints
- Secret files must be materialized outside image builds and never written into role repos.
- Mounts should be narrow, explicit, and auditable in launch previews.
- The design should reuse the same credential-source vocabulary used by operator env and auth flows, rather than adding another 1Password-only parser.
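The sketch below is an added example of what a resolver for the proposed read-only secret file mechanism could look like, covering both the `[workspaces.*.op_files]` idea above and the three constraints. It is not the project's own code: the config shape (container path mapped to an `op://` reference), the `SecretMount` type, the `secret-N` file layout, and the sample vault and item names are all assumptions. The only real external call is the 1Password CLI's `op read`, and it is only used when the CLI is present; the functions accept any resolver so the file handling and launch preview can be exercised offline.

```python
"""Hypothetical resolver for read-only 1Password secret files (added example).

Assumptions, not project behaviour: the op_files config shape, SecretMount,
the secret-N file naming, and the sample vault/item names below.
"""
import os
import re
import stat
import subprocess
import tempfile
from dataclasses import dataclass
from typing import Callable, Dict, List

# Field-level 1Password secret reference: op://<vault>/<item>/<field>.
OP_REF = re.compile(r"^op://[^/]+/[^/]+/[^/]+$")

# Constructed sample of the hypothetical [workspaces.*.op_files] table after
# TOML parsing: container path -> op:// reference. Vault/item names are made up.
SAMPLE_OP_FILES: Dict[str, str] = {
    "/home/agent/.ssh/id_ed25519": "op://Agents/deploy-key/private_key",
    "/home/agent/.kube/config": "op://Agents/staging-cluster/kubeconfig",
}


@dataclass(frozen=True)
class SecretMount:
    host_path: str       # temp file on the host holding the resolved secret
    container_path: str  # where the file appears inside the container
    reference: str       # the op:// reference; safe to show in a preview

    def docker_args(self) -> List[str]:
        # Read-only bind mount. Only paths reach the command line, never
        # secret bytes, so process listings and shell history stay clean.
        return ["--mount",
                f"type=bind,source={self.host_path},"
                f"target={self.container_path},readonly"]


def is_valid_reference(reference: str) -> bool:
    """Accept only field-level references; item- or vault-level ones are rejected."""
    return OP_REF.match(reference) is not None


def validate_op_files(op_files: Dict[str, str]) -> None:
    """Reject anything that is not an absolute target plus a field-level op:// ref."""
    for container_path, reference in op_files.items():
        if not container_path.startswith("/"):
            raise ValueError(f"container path must be absolute: {container_path}")
        if not is_valid_reference(reference):
            raise ValueError(f"not a field-level op:// reference: {reference}")


def op_read(reference: str) -> bytes:
    """Default resolver: the 1Password CLI's `op read` (real command, run only at launch)."""
    result = subprocess.run(["op", "read", reference], check=True, capture_output=True)
    return result.stdout


def materialize(op_files: Dict[str, str],
                resolve: Callable[[str], bytes] = op_read) -> List[SecretMount]:
    """Resolve each reference into a 0400 file inside a fresh 0700 temp directory.

    This runs at launch time on the host, so nothing is baked into an image
    build or written into a role repo (first constraint).
    """
    validate_op_files(op_files)
    secret_dir = tempfile.mkdtemp(prefix="op-files-")
    os.chmod(secret_dir, stat.S_IRWXU)
    mounts: List[SecretMount] = []
    for index, (container_path, reference) in enumerate(sorted(op_files.items())):
        host_path = os.path.join(secret_dir, f"secret-{index}")
        # O_EXCL with 0600 at creation: no window where the file is readable by others.
        fd = os.open(host_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "wb") as handle:
            handle.write(resolve(reference))
        os.chmod(host_path, 0o400)
        mounts.append(SecretMount(host_path, container_path, reference))
    return mounts


def launch_preview(mounts: List[SecretMount]) -> List[str]:
    """Auditable preview (second constraint): reference and target only, never the value."""
    return [f"{m.reference} -> {m.container_path} (read-only)" for m in mounts]


def host_file_mode(mount: SecretMount) -> int:
    return stat.S_IMODE(os.stat(mount.host_path).st_mode)


def secret_bytes(mount: SecretMount) -> bytes:
    with open(mount.host_path, "rb") as handle:
        return handle.read()


def cleanup(mounts: List[SecretMount]) -> int:
    """Remove materialized files once the container has started; returns the count removed."""
    removed = 0
    for m in mounts:
        if os.path.exists(m.host_path):
            os.unlink(m.host_path)
            removed += 1
    for directory in {os.path.dirname(m.host_path) for m in mounts}:
        if os.path.isdir(directory) and not os.listdir(directory):
            os.rmdir(directory)
    return removed


if __name__ == "__main__":
    import shutil
    # Without the 1Password CLI installed, fall back to a constructed resolver so
    # the preview and file handling can still be exercised offline.
    resolver = op_read if shutil.which("op") else (lambda ref: f"<resolved {ref}>\n".encode())
    mounts = materialize(SAMPLE_OP_FILES, resolve=resolver)
    for line in launch_preview(mounts):
        print(line)
    cleanup(mounts)
```

Because `materialize` takes the resolver as a parameter, the same code path could later accept the credential-source vocabulary the operator env and auth flows already use (third constraint) instead of growing a second 1Password-only parser; here only the `op://` form is validated. The host file is owned by the launching user, so a container running as a different uid would need an ownership step that this sketch does not cover.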