1 password item creation

kou · August 15, 2024, 12:13pm

Hello,

I’m working on an Ansible script to create items in 1Password using the CLI (op command), but I’m encountering an issue that I can’t resolve. When I run the playbook, I receive the following error: [ERROR] 2024/08/15 14:06:06 invalid JSON in piped input. The relevant part of my playbook includes authenticating with 1Password using the op signin command, which works fine, and then attempting to create a new item with the op item create command. The environment variable OP_SERVICE_ACCOUNT_TOKEN is set correctly, and the op item create command works perfectly when run directly from the command line. However, it fails with the JSON error mentioned above when executed through Ansible. I’m unsure why this is happening and how to fix it. Any guidance or suggestions would be greatly appreciated.

My code is:

- name: Create a 1Password item
  hosts: localhost
  tasks:
    - name: Authenticate with 1Password
      shell: eval $(op signin myaccount.1password.eu --raw)
      register: op_signin

    - name: Create an item in 1Password**
      ansible.builtin.shell: |**
        op item create --category=login --title='Netflix' --vault='test'**
      
      environment:
        OP_SERVICE_ACCOUNT_TOKEN: "{{ lookup('env', 'OP_SERVICE_ACCOUNT_TOKEN') }}"
      register: op_create_output
      #ignore_errors: yes
      
    - name: Display 1Password item 
      debug:
        var: op_create_output.stdout ```

the error message 
"delta": "0:00:00.525052", "end": "2024-08-15 14:06:06.702073", "msg": "non-zero return code", "rc": 1, "start": "2024-08-15 14:06:06.177021", "stderr": "[ERROR] 2024/08/15 14:06:06 invalid JSON in piped input", "stderr_lines": ["[ERROR] 2024/08/15 14:06:06 invalid JSON in piped input"], "stdout": "", "stdout_lines": []}

jpmens · August 15, 2024, 1:28pm

It appears to me as though this cannot work: you are evaluating the result of a command in a task, and I get the feeling you’re assuming that result (probably in the form of environment variables) is available in the second invocation of the shell module. It is not.

These two tasks are independent of eachother and will always be so. If the result of the first (which you’ve registered in op_signin) needs to be given to the second, then you have to do that explicitly.

As an aside: I trust the double asterisks (**) I’m seeing are an artifact of the paste.

You might also wish to use your favorite search engine to find something more solid, maybe a module which does that. My search engine returns plenty of results.

kou · August 15, 2024, 1:46pm

Hello , thank you for the answer . “As an aside: I trust the double asterisks (** ) I’m seeing are an artifact of the paste.” yes this is a typo added automatically from the code format. There is another solution using connect server for example this solution ansible-onepasswordconnect-collection/USAGEGUIDE.md at main · 1Password/ansible-onepasswordconnect-collection · GitHub . But the problem that I don’t have local server my. My 1 password account is using amazon cloud.

kou · August 16, 2024, 10:58am

Hello,

This is the solution to insert new item in 1 password via ansible:

- name: Create a 1Password item
  hosts: localhost
  tasks:
    - name: Create an item in 1Password
      args:
        executable: /bin/bash
      shell: |
        /usr/bin/op item create --category login --title test --vault test--url https://www.netflix.com/login --generate-password --tags tutorial,entertainment </dev/null
      register: op_create_output

    - name: Display 1Password item
      debug:
        var: op_create_output.stdout

ogaida · August 16, 2024, 11:17am

ok, the solution is to append </dev/null at the end of the command. Nice!

kou · August 16, 2024, 11:35am

Yes, exactly Oliver.

system · September 15, 2024, 11:35am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.