Open PhoenixmitX opened 1 year ago
Hey @PhoenixmitX! Thanks for the request. This is indeed an interesting feature request. It's a little tricky because the extension relies on the CLI, which (in our case) relies on 1Password Desktop itself to perform biometric authentication. In the future we may support Connect server or Service Accounts which may solve this as well.
I would love this feature! Currently testing different Password managers and this would definitely be sensational.
The idea with just proxying any requests to the local instance seems reasonable and should be straightforward to implement.
I would also love to see this feature! Thanks for your hard work, @jodyheavener!
+1 for this feature. Thank you
I'd like to add that service accounts aren't ideal bc you now have long lived credentials on developer machines. Ideally a developer can connect to 1Password from inside a container but auth via the desktop app on the host. Such as biometrics.
It's a little tricky because the extension relies on the CLI, which (in our case) relies on 1Password Desktop itself to perform biometric authentication. In the future we may support Connect server or Service Accounts which may solve this as well.
It would be really nice to have access/proxy through the 1Password-BrowserSupport.sock
into the remote container to allow running op
without any workarounds but linked to the host's biometrics.
On Linux I can easily add a mount to pull it in, but that does not work for my colleagues on other operating systems.
It would be really nice to have access/proxy through the 1Password-BrowserSupport.sock into the remote container to allow running op without any workarounds but linked to the host's biometrics.
On Linux I can easily add a mount to pull it in, but that does not work for my colleagues on other operating systems.
@DavidS-ovm That's interesting. We have a similar worklfow where we often work on a remote docker container. I was wondering how you acchieved this access/proxy. Did you use a reverse ssh tunnel?
It would be really nice to have access/proxy through the 1Password-BrowserSupport.sock into the remote container to allow running op without any workarounds but linked to the host's biometrics.
On Linux I can easily add a mount to pull it in, but that does not work for my colleagues on other operating systems.
@DavidS-ovm That's interesting. We have a similar worklfow where we often work on a remote docker container. I was wondering how you acchieved this access/proxy. Did you use a reverse ssh tunnel?
No, I'm now using a service account token inside the container that I inject through op run code
at startup time, which is protected by the actual user's identity. It's not great, but it works for now.
It would be great to have requests provided through ex vscode tunnels.
Currently running windows machines, so my options are ultimately limited.
It kinda sucks to have to TeamViewer into my desktop to allow my code to be committed...
Summary
Add support for remote development
Use cases
Well support for everyone who codes in a remote environment like
Proposed solution
The extension need to be loaded on the remote development container and at the client. The remove container sends throw the client the request to the op cli
for vscode instances running on the browser at the client some other solution may be required. A solution may be to use the browser extensions instead
Is there a workaround to accomplish this today?
Sadly i don't know a workaround
References & Prior Work
¯\_(ツ)_/¯