Enhance Your Docker Workflow with the 1Password CLI Shell Plugin

TATHAGATA ROYTATHAGATA ROY
6 min read

Utilizing 1Password Shell Plugins

With the aid of 1Password shell plugins, numerous tools and Command-Line Interfaces (CLIs) can be effortlessly accessed directly from the terminal. Storing plaintext APIs on disk poses significant security risks as they can be compromised and accessed by unauthorized users in case the key is stolen. However, by employing shell plugins, CLIs can be securely accessed using a unique fingerprint stored within the 1Password desktop application, associated with each CLI ID.

Docker Shell Plugin Utility

Docker shell plugins can be useful for several reasons:

  1. Enhanced User Experience: Docker shell plugins can provide a more interactive and user-friendly experience for working with Docker. They can offer features like auto-completion, command history, syntax highlighting etc.

  2. Extended Functionality: Shell plugins can extend the functionality of the Docker CLI by adding new commands or options. This allows users to perform additional operations or automate complex tasks.

  3. Integration with External Tools: Docker shell plugins can integrate with external tools and services, enabling seamless interaction between Docker and other components of the development or deployment workflow. For example, a plugin could integrate with a continuous integration/continuous deployment (CI/CD) system, making it easier to build, test, and deploy Docker containers.

  4. Cross-Platform Compatibility: Docker shell plugins may work across different operating systems and shells, making them portable and accessible to a wide range of users. Whether you're using Linux, macOS, or Windows, and whether you prefer Bash, PowerShell, or another shell, Docker shell plugins can enhance your Docker experience uniformly.

Overall, the Docker shell plugin can help improve productivity, simplify complex workflows, and provide a more enjoyable and efficient experience when working with Docker containers and images.

Steps to Create Shell Plugin for Docker on Windows

Requirements

a) Sign up for 1Password: First I had to sign up for 1Password using an email id.

b)Install 1Password CLI: The requirements before installing the 1password Cli are mentioned below:

a) 1Password for Windows: It's a desktop app to access all the passwords and all the shell plugins.

b) Windows Hello: Windows Hello is used to unlock the 1Password app on a PC with my face, fingerprint, or companion device.

Steps to setup Windows Hello:

  1. Open and unlock the 1Password app.

  2. Click on my account or collection at the top of the sidebar and choose Settings.

  3. Click Security, then turn on “Unlock using Windows Hello”.

  4. Click on my account or collection at the top of the sidebar and choose Lock.

  5. Entered the account password to unlock the app.

Steps to install 1password CLI:

1. Download the archive for platform and architecture and extract op.exe.
And then verify its authenticity.

2. Open PowerShell as an administrator.

3. Create a directory to move op.exe into, such as C:\Program Files\1Password CLI.

mkdir "C:\Program Files\1Password CLI"

4. Move op.exe to C:\Program Files\1Password CLI, or another directory in the path. Click OK to apply.

mv ".\op.exe" "C:\Program Files\1Password CLI"

5. Add the directory containing op.exe to your PATH.

6. Check that 1Password CLI was installed successfully:

op --version

Now after 1password CLI is installed I had to sign in so that I can authenticate my accounts with my fingerprint, face, Windows Hello PIN, Apple Watch, or device user password.

To sign in follow these steps:

Step 1: Turn on Windows Hello

To authenticate 1Password CLI with biometrics or my Windows Hello PIN, turn on Windows Hello in the 1Password app:

  1. Open and unlock the app.

  2. Click on my account or collection at the top of the sidebar.

  3. Navigate to Settings > Security.

  4. Select "Allow Windows Hello to unlock 1Password".

The 1Password security pane with the Windows Hello option selected.

Step 2: Turn on the 1Password app integration

To sign in to 1Password CLI with the accounts you've added to the 1Password desktop app, navigate to Settings > Developer and select "Connect with 1Password CLI".

The 1Password Developer settings pane with the Connect with 1Password CLI option selected.

Step 3: Sign in to your account

Enter op signin to select an account to sign in to. Use the arrow keys to select an account, then hit enter. You'll be prompted to authenticate with Windows Hello.

To sign in to a different account, enter op signin again. You can also specify an account to sign in to with the --account flag or by setting the OP_ACCOUNT environment variable.

c) Install Go 1.18 or later: Click the embedded link and download Go for your PC and install it.

d) Install Git: Git is a free and open-source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Go to the embedded link and click Download for Windows. After it's downloaded install git.

e) Install GNU Make: GNU Make is a tool which controls the generation of executables and other non-source files of a program from the program's source files.

Using the plugin template

a) First, I have created a folder for the plugin, go to the folder and then clone or fork the 1Password Shell Plugins repository on GitHub. It contains the current plugin registry, as well as the SDK needed to contribute.

gh repo fork 1Password/shell-plugins

b) Then went to the shell-plugins directory in the forked repo.

cd shell-plugins/

d) Now we start with the plugin

make new-plugin

e) Named the plugin as docker , the Platform as Docker and the executable name as docker.

f) Name of the credential type is set as Personal Access Token and then set an example credential.

g) Changed the name of the Schema-executable to Docker CLI in the docker.go file.

h) Attached the DocsURL for docker.

i) Went to the plugin.go file and then added the docker homepage in the Homepage field.

j) Now to validate the plugin type

make docker/validate

k) Now to build the plugin type

make docker/build

l) Now to check for the docker plugin

op plugin list

All the other plugins' sources will show 1Password Registry only the source of the local plugin of docker will show Local Build.

m) Now create a docker account, go to profile and create a new access token with a name and preferred access. Copy the token and save it into the 1Password desktop app.

n) To test out the plugin type

op plugin init docker

o) Choose Search in 1Password if the docker access token is already saved inside the 1Password desktop app. Next, choose Use as global default on my system.

p) Now we have to source the plugin file.

q) Now if we use

docker API listSites

We will be prompted to provide a fingerprint or any preferable type of authentication and it will show a config file.

r) Now all we had to do is to make a pull request against this repository.

Conclusion

I hope this quick article has provided an overview of making the plugin for the docker CLI using 1Password.

Here are some additional resources to explore further

https://docs.docker.com/engine/reference/commandline/cli/

https://developer.1password.com/docs/cli/shell-plugins/contribute

https://developer.1password.com/docs/cli/get-started

2
Subscribe to my newsletter

Read articles from TATHAGATA ROY directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

TATHAGATA ROY
TATHAGATA ROY

Hello! I'm a passionate and dedicated individual with a love for learning and writing about it.