ADR-010: 1Password Naming Convention

Publishable summary of this architecture decision.

Status: Accepted

Context

Secrets management for CI/CD, servers, and local development needs consistent naming and clear criteria for vault creation and access control.

Decision

Standardize naming: vaults CI-{PROJECT} (UPPERCASE), items {SERVICE}-{context}, sections kebab-case, fields snake_case in English. Three consumption patterns: Service Account (CI), OP Connect (server), op run (local dev). Objective criteria for when to create a dedicated vault vs using shared.

Consequences

Predictable naming. Granular access control per project. Gradual migration of existing items.