Object Relational Mapping for 1Password items, manage 1Password vaults with code.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for ilke-dev from gravatar.com ilke-dev

Unverified details

These details have not been verified by PyPI
Meta
  • License: GNU GENERAL PUBLIC LICENSE
  • Author: Ilke
  • Maintainer: Ilke
  • Tags 1password , orm , op , op-orm , onepassword , onepassword-sdk , devops , secret-management , password-manager , credentials , security , kubernetes , k8s , vault , secret-management , secret-store , api-keys , database-credentials , ssh-keys , infrastructure , automation , configuration-management
  • Requires: Python >=3.12
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

1Password ORM

A robust Python ORM for managing 1Password secrets with elegance. This library provides a secure, type-safe interface for interacting with 1Password items using familiar ORM patterns.

🌟 Key Features

  • 🔐 Type-safe field definitions with built-in validation
  • 🔄 Automated password generation and management
  • 🎯 Clean, Pythonic model-based structure
  • 🔑 Comprehensive support for all 1Password item types
  • 🚀 Easy CRUD operations with version tracking
  • 🔒 Secure integration with 1Password Connect
  • 📦 Kubernetes secrets generation

📦 Installation

pip install op-orm

🔧 Quick Start

  1. Set up environment variables:
export OP_CONNECT_TOKEN="your-1password-connect-token"
export OP_INTEGRATION_NAME="your-app-name"
  1. Define your models:
from op_orm.types import OpModelDatabase, StringField, PasswordField, UrlField

class PostgresDatabase(OpModelDatabase):
    title = "production-postgres"
    sections = ["connection", "auth"]
    
    host = StringField(section_id="connection", value="db.example.com")
    port = StringField(section_id="connection", value="5432")
    database = StringField(section_id="connection", value="myapp")
    username = StringField(section_id="auth", value="admin")
    password = PasswordField(section_id="auth")
  1. Use your models:
# Create and save credentials
db = PostgresDatabase()
db.password.generate_password()  # Generates secure random password
db.create()

# Update credentials
db.update_existing_fields({
    "username": "new_admin",
    "host": "new-db.example.com"
})

# Retrieve credentials
db.resolve_all()  # Fetches latest values from 1Password
print(f"Connection string: postgresql://{db.username.value}@{db.host.value}")

🏗️ Model Types

The library provides specialized models for common credential types:

  • OpModelServer - Server credentials
  • OpModelDatabase - Database connections
  • OpModelAPIKey - API credentials
  • OpModelLogin - Login credentials
  • OpModelSSHKey - SSH keys
  • OpModelSecureNote - Secure notes
  • And more...

🔐 Field Types

Available field types for model attributes:

  • StringField - Text values (optionally concealed)
  • PasswordField - Auto-generating password fields
  • UrlField - URL fields with validation

🚀 Advanced Usage

Kubernetes Secret Generation

Generate Kubernetes secrets from your models:

from op_orm.deployment_generator import generate_deployment_files

# Generate YAML for k8s secrets
deployment = generate_deployment_files([PostgresDatabase])
with open("k8s-secrets.yaml", "w") as f:
    f.write(deployment)

Custom Field Validation

Add custom validation to your fields:

class APICredentials(OpModelAPIKey):
    api_key = StringField(section_id="api", concealed=True)
    environment = StringField(section_id="api")
    
    def validate(self):
        if self.environment.value not in ["prod", "staging", "dev"]:
            raise ValueError("Invalid environment")

Generate Kubernetes Secrets from OpModel

The generate_deployments command-line tool streamlines the integration between your Python OpModel classes and the 1Password Kubernetes Operator (connect). It automates the process of creating Kubernetes secret definitions by scanning your Python files for OpModel subclasses and converting them into the appropriate YAML format required by the 1Password k8s operator.

Usage

  • Use -p flag to preview the generated YAML in terminal
  • Use -o flag followed by a filename to save the deployments
  • Simply point to your Python file containing OpModel definitions

This tool helps bridge the gap between your application's secrets management and the 1Password Kubernetes Operator, ensuring smooth deployment of your secrets in a Kubernetes environment.

usage: generate_deployments [-h] [-p] [-o OUTPUT] file_path

Collect OpModel subclasses from a Python file.

positional arguments:
  file_path             Path to the Python file.

options:
  -h, --help            show this help message and exit
  -p, --print           print to stdout
  -o OUTPUT, --output OUTPUT
                        File to save the k8s secret deployments.

Example usage:

generate_deployments examples/example_models.py -p -o secrets.yaml

This will output the 1password k8s items in a single deployment file

🤝 Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

📄 License

This project is licensed under the GPL3 License - see the LICENSE file for details.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for ilke-dev from gravatar.com ilke-dev

Unverified details

These details have not been verified by PyPI
Meta
  • License: GNU GENERAL PUBLIC LICENSE
  • Author: Ilke
  • Maintainer: Ilke
  • Tags 1password , orm , op , op-orm , onepassword , onepassword-sdk , devops , secret-management , password-manager , credentials , security , kubernetes , k8s , vault , secret-management , secret-store , api-keys , database-credentials , ssh-keys , infrastructure , automation , configuration-management
  • Requires: Python >=3.12
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

0.2.1

This version

0.2.0

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

op_orm-0.2.0.tar.gz (49.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

op_orm-0.2.0-py3-none-any.whl (36.0 kB view details)

Uploaded Python 3

File details

Details for the file op_orm-0.2.0.tar.gz.

File metadata

  • Download URL: op_orm-0.2.0.tar.gz
  • Upload date:
  • Size: 49.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for op_orm-0.2.0.tar.gz
Algorithm Hash digest
SHA256 21c98f816dce86dba28f8181d3d1da46eea92f853dc477b521efc8cb09bfcd5c
MD5 84922bf0345dc8db709697ebcbda8985
BLAKE2b-256 a80a02175996991c0b1be24b3118a4213658684e3ac2e166fd0b676498ddc70a

See more details on using hashes here.

Provenance

The following attestation bundles were made for op_orm-0.2.0.tar.gz:

Publisher: upload-to-pypi.yml on Ilke-dev/op-orm

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file op_orm-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: op_orm-0.2.0-py3-none-any.whl
  • Upload date:
  • Size: 36.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for op_orm-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 4370bcb2c3aed04aa4e8f73921ff2b722f049b1eb0c6d87d945d06712db9ae15
MD5 22944d03c11c7339e7c7b62f519bbbc9
BLAKE2b-256 70d486f1277bad1b6e3d4a958e2012d8847a0d0f88a8aad3271c41a33597e5bd

See more details on using hashes here.

Provenance

The following attestation bundles were made for op_orm-0.2.0-py3-none-any.whl:

Publisher: upload-to-pypi.yml on Ilke-dev/op-orm

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page