clerk · dstaley · Jun 23, 2025 · Jun 20, 2025
diff --git a/.changeset/odd-doors-sneeze.md b/.changeset/odd-doors-sneeze.md
@@ -0,0 +1,2 @@
+---
+---
diff --git a/integration/README.md b/integration/README.md
@@ -24,16 +24,9 @@ Before you begin writing tests, you should already have:
 
 You'll only need to follow these instructions once when you setup the integration test suite.
 
-1. Navigate to the `integration` folder:
-   ```shell
-   cd integration
-   ```
-1. Make local duplicates of the sample files. They'll be automatically ignored by git:
-   ```shell
-   cp .env.local.sample .env.local
-   cp .keys.json.sample .keys.json
-   ```
-1. Open Clerk's 1Password and search for **JS SDKs integration tests**. Inside the secure note you'll find the secret keys that should go into `.env.local` and `.keys.json`. Copy them over.
+1. Make sure you have the [1Password CLI installed](https://developer.1password.com/docs/cli/get-started/) and have access to Clerk's "Shared" vault. You will also need to [enable the 1Password desktop app integration](https://developer.1password.com/docs/cli/get-started/#step-2-turn-on-the-1password-desktop-app-integration).
+
+1. Run `pnpm integration:secrets`.
 
 1. Generate the required session keys by running the following command in the `./certs` directory: `mkcert -cert-file sessions.pem -key-file sessions-key.pem "example.com" "*.example.com"`.
 

diff --git a/package.json b/package.json
@@ -15,6 +15,7 @@
     "format": "prettier --write .",
     "format:check": "prettier --cache --check .",
     "preinstall": "npx only-allow pnpm",
+    "integration:secrets": "node ./scripts/1password-keys.mjs",
     "lint": "node ./scripts/lint.mjs",
     "lint:attw": "FORCE_COLOR=1 turbo lint:attw",
     "lint:fix": "FORCE_COLOR=1 turbo lint -- --fix",

diff --git a/scripts/1password-keys.mjs b/scripts/1password-keys.mjs
@@ -0,0 +1,48 @@
+#!/usr/bin/env node
+
+import { writeFile } from 'node:fs/promises';
+import { join } from 'node:path';
+import { $ } from 'zx';
+
+const is1PasswordInstalled = await $`op --version`.then(res => res.exitCode === 0).catch(() => false);
+
+if (!is1PasswordInstalled) {
+  console.error('1Password CLI is not installed. Install it with `brew install 1password-cli`.');
+  process.exit(1);
+}
+
+const envItem = await $`op read 'op://Shared/JS SDKs integration tests/add more/.env.local'`
+  .then(res => {
+    if (res.exitCode === 0) {
+      return res.stdout;
+    }
+
+    return null;
+  })
+  .catch(err => {
+    return null;
+  });
+
+const keysItem = await $`op read 'op://Shared/JS SDKs integration tests/add more/.keys.json'`
+  .then(res => {
+    if (res.exitCode === 0) {
+      return res.stdout;
+    }
+
+    return null;
+  })
+  .catch(err => {
+    return null;
+  });
+
+if (!envItem || !keysItem) {
+  console.error(
+    'Failed to read from 1Password. Have you enabled the 1Password CLI in your 1Password settings? See https://developer.1password.com/docs/cli/get-started/#step-2-turn-on-the-1password-desktop-app-integration for more information.',
+  );
+  process.exit(1);
+}
+
+await writeFile(join(process.cwd(), 'integration', '.env.local'), envItem);
+await writeFile(join(process.cwd(), 'integration', '.keys.json'), keysItem);
+
+console.log('Keys and env written to .keys.json and .env.local');