Skip to main content

fsspec filesystem implementation for 1Password entries via the op CLI.

Project description

fsspec-1password

An fsspec filesystem implementation for 1Password entries, backed by the 1Password CLI (op).

Overview

fsspec-1password exposes your 1Password vaults, items, and fields as a read-only virtual filesystem under the op:// protocol. Any tool or library that speaks fsspec can transparently read secret values straight from 1Password – no files on disk, no environment variable juggling.

op://                        ← root (list all vaults)
op://Vault                   ← vault directory (list items)
op://Vault/Item              ← item directory (list fields)
op://Vault/Item/Field        ← field file (read secret value)

Requirements

If op is not in PATH a clear RuntimeError is raised immediately:

RuntimeError: The '1Password CLI' executable 'op' was not found in PATH.
Please install it from https://developer.1password.com/docs/cli/get-started/
and make sure it is available in your PATH before using the op:// protocol.

Installation

pip install fsspec-1password

Quick start

Direct usage

import fsspec_1password  # registers the op:// protocol with fsspec

fs = fsspec_1password.OnePasswordFileSystem()

# List all vaults
fs.ls("op://")
# [{'name': 'op://Personal', 'type': 'directory', 'size': 0}, ...]

# List items in a vault
fs.ls("op://Personal")
# [{'name': 'op://Personal/GitHub', 'type': 'directory', 'size': 0}, ...]

# List fields of an item
fs.ls("op://Personal/GitHub")
# [{'name': 'op://Personal/GitHub/username', 'type': 'file', 'size': 5}, ...]

# Read a field value
secret = fs.cat_file("op://Personal/GitHub/password")
# b's3cr3t'

with fs.open("op://Personal/GitHub/password") as f:
    secret = f.read()
# b's3cr3t'

Via fsspec

import fsspec

with fsspec.open("op://Personal/GitHub/password") as f:
    secret = f.read()

Use with other libraries

Any library that accepts an fsspec-compatible path works out of the box:

import pandas as pd

# Read a CSV stored as a 1Password secure note
df = pd.read_csv("op://Work/MySecretCSV/content", storage_options={})

Authentication

Authentication is handled entirely by the op CLI. Depending on your setup this may be:

  • Biometric (Touch ID / Windows Hello) – automatic after initial sign-in.
  • Session token – set OP_SESSION_<account> in the environment.
  • Service-account token – set OP_SERVICE_ACCOUNT_TOKEN in the environment.

Refer to the 1Password CLI documentation for full details.

URI scheme

Path Description
op:// Root – directory listing returns all vaults
op://Vault Vault – directory listing returns all items
op://Vault/Item Item – directory listing returns all fields
op://Vault/Item/Field Field – readable file containing the secret value

Vault, Item, and Field refer to the title/label of the object, matching how you would address them with op read op://Vault/Item/Field.

Development

git clone https://github.com/mauvilsa/fsspec-1password
cd fsspec-1password
python -m venv venv
source venv/bin/activate
pip install -e ".[dev]"

# Run tests (no real op executable required)
pytest

# Run with coverage
pytest --cov --cov-report=html

Running pre-commit hooks

pre-commit install
pre-commit run --all-files

Bumping the version

bump2version patch   # or minor / major

License

MIT – see LICENSE.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

fsspec_1password-0.2.0.tar.gz (6.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

fsspec_1password-0.2.0-py3-none-any.whl (7.3 kB view details)

Uploaded Python 3

File details

Details for the file fsspec_1password-0.2.0.tar.gz.

File metadata

  • Download URL: fsspec_1password-0.2.0.tar.gz
  • Upload date:
  • Size: 6.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for fsspec_1password-0.2.0.tar.gz
Algorithm Hash digest
SHA256 223397f9a723ba10a7b1a582c5e3b6d620e534d56474349dc2e188537f2a520e
MD5 9427106d85526aaeea54492e6eb18d25
BLAKE2b-256 9b0f3fc8031c9c695df68c78b83814218c8b67309cb4537fcd593ded39ab5a3d

See more details on using hashes here.

Provenance

The following attestation bundles were made for fsspec_1password-0.2.0.tar.gz:

Publisher: tests.yaml on mauvilsa/fsspec-1password

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file fsspec_1password-0.2.0-py3-none-any.whl.

File metadata

File hashes

Hashes for fsspec_1password-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 96aeb3be0000db2316260d2d7dcdfdb07afbecb81af34ad4f4397b631bfc9695
MD5 f8972e7cd6e0621fedcded850a97a9a8
BLAKE2b-256 7c633f75b0f9c09b75e5392535a09127f852d69c816407cb002a9c69a3e209df

See more details on using hashes here.

Provenance

The following attestation bundles were made for fsspec_1password-0.2.0-py3-none-any.whl:

Publisher: tests.yaml on mauvilsa/fsspec-1password

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page