Open PhoenixmitX opened 1 year ago
jodyheavener
commented
1 year ago Hey @PhoenixmitX! Thanks for the request. This is indeed an interesting feature request. It's a little tricky because the extension relies on the CLI, which (in our case) relies on 1Password Desktop itself to perform biometric authentication. In the future we may support Connect server or Service Accounts which may solve this as well.
DanielHabenicht
commented
1 year ago I would love this feature! Currently testing different Password managers and this would definitely be sensational.
The idea with just proxying any requests to the local instance seems reasonable and should be straightforward to implement.
clayton-bridge
commented
1 year ago I would also love to see this feature! Thanks for your hard work, @jodyheavener!
alexandergoya
commented
7 months ago +1 for this feature. Thank you
andrewhharmon
commented
3 months ago I'd like to add that service accounts aren't ideal bc you now have long lived credentials on developer machines. Ideally a developer can connect to 1Password from inside a container but auth via the desktop app on the host. Such as biometrics.
DavidS-ovm
commented
1 week ago It's a little tricky because the extension relies on the CLI, which (in our case) relies on 1Password Desktop itself to perform biometric authentication. In the future we may support Connect server or Service Accounts which may solve this as well.
It would be really nice to have access/proxy through the 1Password-BrowserSupport.sock into the remote container to allow running op without any workarounds but linked to the host's biometrics.
On Linux I can easily add a mount to pull it in, but that does not work for my colleagues on other operating systems.
SimonRelu
commented
2 days ago It would be really nice to have access/proxy through the 1Password-BrowserSupport.sock into the remote container to allow running op without any workarounds but linked to the host's biometrics.
On Linux I can easily add a mount to pull it in, but that does not work for my colleagues on other operating systems.
@DavidS-ovm That's interesting. We have a similar worklfow where we often work on a remote docker container. I was wondering how you acchieved this access/proxy. Did you use a reverse ssh tunnel?
DavidS-ovm
commented
2 days ago It would be really nice to have access/proxy through the 1Password-BrowserSupport.sock into the remote container to allow running op without any workarounds but linked to the host's biometrics.
On Linux I can easily add a mount to pull it in, but that does not work for my colleagues on other operating systems.
@DavidS-ovm That's interesting. We have a similar worklfow where we often work on a remote docker container. I was wondering how you acchieved this access/proxy. Did you use a reverse ssh tunnel?
No, I'm now using a service account token inside the container that I inject through op run code at startup time, which is protected by the actual user's identity. It's not great, but it works for now.
TekExplorer
commented
14 hours ago It would be great to have requests provided through ex vscode tunnels.
Currently running windows machines, so my options are ultimately limited.
It kinda sucks to have to TeamViewer into my desktop to allow my code to be committed...
Summary
Add support for remote development
Use cases
Well support for everyone who codes in a remote environment like
Proposed solution
The extension need to be loaded on the remote development container and at the client. The remove container sends throw the client the request to the op cli
for vscode instances running on the browser at the client some other solution may be required. A solution may be to use the browser extensions instead
Is there a workaround to accomplish this today?
Sadly i don't know a workaround
References & Prior Work
¯\_(ツ)_/¯