Enhance Your Docker Workflow with the 1Password CLI Shell Plugin
Utilizing 1Password Shell Plugins
With the aid of 1Password shell plugins, numerous tools and Command-Line Interfaces (CLIs) can be effortlessly accessed directly from the terminal. Storing plaintext APIs on disk poses significant security risks as they can be compromised and accessed by unauthorized users in case the key is stolen. However, by employing shell plugins, CLIs can be securely accessed using a unique fingerprint stored within the 1Password desktop application, associated with each CLI ID.
Docker Shell Plugin Utility
Docker shell plugins can be useful for several reasons:
Enhanced User Experience: Docker shell plugins can provide a more interactive and user-friendly experience for working with Docker. They can offer features like auto-completion, command history, syntax highlighting etc.
Extended Functionality: Shell plugins can extend the functionality of the Docker CLI by adding new commands or options. This allows users to perform additional operations or automate complex tasks.
Integration with External Tools: Docker shell plugins can integrate with external tools and services, enabling seamless interaction between Docker and other components of the development or deployment workflow. For example, a plugin could integrate with a continuous integration/continuous deployment (CI/CD) system, making it easier to build, test, and deploy Docker containers.
Cross-Platform Compatibility: Docker shell plugins may work across different operating systems and shells, making them portable and accessible to a wide range of users. Whether you're using Linux, macOS, or Windows, and whether you prefer Bash, PowerShell, or another shell, Docker shell plugins can enhance your Docker experience uniformly.
Overall, the Docker shell plugin can help improve productivity, simplify complex workflows, and provide a more enjoyable and efficient experience when working with Docker containers and images.
Steps to Create Shell Plugin for Docker on Windows
Requirements
a) Sign up for 1Password: First I had to sign up for 1Password using an email id.
b)Install 1Password CLI: The requirements before installing the 1password Cli are mentioned below:
a) 1Password for Windows: It's a desktop app to access all the passwords and all the shell plugins.
b) Windows Hello: Windows Hello is used to unlock the 1Password app on a PC with my face, fingerprint, or companion device.
Steps to setup Windows Hello:
Open and unlock the 1Password app.
Click on my account or collection at the top of the sidebar and choose Settings.
Click Security, then turn on “Unlock using Windows Hello”.
Click on my account or collection at the top of the sidebar and choose Lock.
Entered the account password to unlock the app.
Steps to install 1password CLI:
1. Download the archive for platform and architecture and extract op.exe
.
And then verify its authenticity.
2. Open PowerShell as an administrator.
3. Create a directory to move op.exe
into, such as C:\Program Files\1Password CLI
.
mkdir "C:\Program Files\1Password CLI"
4. Move op.exe
to C:\Program Files\1Password CLI
, or another directory in the path. Click OK to apply.
mv ".\op.exe" "C:\Program Files\1Password CLI"
5. Add the directory containing op.exe
to your PATH.
6. Check that 1Password CLI was installed successfully:
op --version
Now after 1password CLI is installed I had to sign in so that I can authenticate my accounts with my fingerprint, face, Windows Hello PIN, Apple Watch, or device user password.
To sign in follow these steps:
Step 1: Turn on Windows Hello
To authenticate 1Password CLI with biometrics or my Windows Hello PIN, turn on Windows Hello in the 1Password app:
Open and unlock the app.
Click on my account or collection at the top of the sidebar.
Navigate to Settings > Security.
Select "Allow Windows Hello to unlock 1Password".
Step 2: Turn on the 1Password app integration
To sign in to 1Password CLI with the accounts you've added to the 1Password desktop app, navigate to Settings > Developer and select "Connect with 1Password CLI".
Step 3: Sign in to your account
Enter op signin
to select an account to sign in to. Use the arrow keys to select an account, then hit enter. You'll be prompted to authenticate with Windows Hello.
To sign in to a different account, enter op signin
again. You can also specify an account to sign in to with the --account
flag or by setting the OP_ACCOUNT
environment variable.
c) Install Go 1.18 or later: Click the embedded link and download Go for your PC and install it.
d) Install Git: Git is a free and open-source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Go to the embedded link and click Download for Windows. After it's downloaded install git.
e) Install GNU Make: GNU Make is a tool which controls the generation of executables and other non-source files of a program from the program's source files.
Using the plugin template
a) First, I have created a folder for the plugin, go to the folder and then clone or fork the 1Password Shell Plugins repository on GitHub. It contains the current plugin registry, as well as the SDK needed to contribute.
gh repo fork 1Password/shell-plugins
b) Then went to the shell-plugins directory in the forked repo.
cd shell-plugins/
d) Now we start with the plugin
make new-plugin
e) Named the plugin as docker
, the Platform as Docker
and the executable name as docker
.
f) Name of the credential type is set as Personal Access Token
and then set an example credential.
g) Changed the name of the Schema-executable to Docker CLI
in the docker.go
file.
h) Attached the DocsURL for docker.
i) Went to the plugin.go
file and then added the docker homepage in the Homepage field.
j) Now to validate the plugin type
make docker/validate
k) Now to build the plugin type
make docker/build
l) Now to check for the docker
plugin
op plugin list
All the other plugins' sources will show 1Password Registry only the source of the local plugin of docker
will show Local Build
.
m) Now create a docker
account, go to profile and create a new access token with a name and preferred access. Copy the token and save it into the 1Password desktop app.
n) To test out the plugin type
op plugin init docker
o) Choose Search in 1Password
if the docker access token is already saved inside the 1Password desktop app. Next, choose Use as global default on my system
.
p) Now we have to source the plugin file.
q) Now if we use
docker API listSites
We will be prompted to provide a fingerprint or any preferable type of authentication and it will show a config file.
r) Now all we had to do is to make a pull request against this repository.
Conclusion
I hope this quick article has provided an overview of making the plugin for the docker CLI using 1Password.
Here are some additional resources to explore further
https://docs.docker.com/engine/reference/commandline/cli/
https://developer.1password.com/docs/cli/shell-plugins/contribute
Subscribe to my newsletter
Read articles from TATHAGATA ROY directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
TATHAGATA ROY
TATHAGATA ROY
Hello! I'm a passionate and dedicated individual with a love for learning and writing about it.