search

1Password / shell-plugins

Seamless authentication for every tool in your terminal.
https://developer.1password.com/docs/cli/shell-plugins/
MIT License
506 stars 163 forks source link

Create Azure CLI plugin #431

Open oWretch opened 4 months ago

oWretch commented 4 months ago

Overview

Create a new plugin for Azure CLI.

Sadly the az cli doesn't support environment variables for login, so this plugin runs az login and az logout to resolve this issue.

The plugin uses an Entra ID Service Principal for authentication which needs to be created and granted permissions to the Azure subscription(s).

Type of change

- [x] Created a new plugin - [ ] Improved an existing plugin - [ ] Fixed a bug in an existing plugin - [ ] Improved contributor utilities or experience ## Related Issue(s) None ## How To Test

az group list

Changelog

Authenticate the Azure CLI using Touch ID and other unlock options with 1Password Shell Plugins. The Azure plugin can be correctly initialized with a default credential, using `op plugin az init`. The Azure plugin will check for the `AZURE_CLIENT_ID`, `AZURE_CLIENT_SECRET`, and `AZURE_TENANT_ID` environment variables and attempts to import credentials from them.
github-actions[bot] commented 4 months ago

⚠️ This PR contains unsigned commits. To get your PR merged, please sign those commits (git rebase --exec 'git commit -S --amend --no-edit -n' @{upstream}) and force push them to this branch (git push --force-with-lease).

If you're new to commit signing, there are different ways to set it up:

Sign commits with gpg

Follow the steps below to set up commit signing with `gpg`: 1. [Generate a GPG key](https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key) 2. [Add the GPG key to your GitHub account](https://docs.github.com/en/authentication/managing-commit-signature-verification/adding-a-gpg-key-to-your-github-account) 3. [Configure `git` to use your GPG key for commit signing](https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key#telling-git-about-your-gpg-key)
Sign commits with ssh-agent

Follow the steps below to set up commit signing with `ssh-agent`: 1. [Generate an SSH key and add it to `ssh-agent`](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent) 2. [Add the SSH key to your GitHub account](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account) 3. [Configure `git` to use your SSH key for commit signing](https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key#telling-git-about-your-ssh-key)
Sign commits with 1Password

You can also sign commits using 1Password, which lets you sign commits with biometrics without the signing key leaving the local 1Password process. Learn how to [use 1Password to sign your commits](https://developer.1password.com/docs/ssh/git-commit-signing/). Watch the demo
oWretch commented 4 months ago

The provisioner test is based on setting environment variables which is not actually usable by az cli. I'm not sure what the best way to approach this is...