Add docker plugin PoC

AndyTitu · AndyTitu · commit 45401d5de136 · 2025-02-28T11:28:35.000+01:00
diff --git a/plugins/docker/docker-credential-envvars.sh b/plugins/docker/docker-credential-envvars.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+# Credentials helper that returns values from environment variables:
+# * DOCKER_CREDS_USERNAME: the username
+# * DOCKER_CREDS_PASSWORD: the password / token
+# https://docs.docker.com/engine/reference/commandline/login/
+die() {
+  echo "$@" 1>&2
+  exit 1
+}
+
+case "$1" in
+  get)
+    read -r HOST
+    if [ "$HOST" = "$REG" ]; then
+      printf '{"ServerURL":"%s","Username":"%q","Secret":"%q"}\n' \
+        "$HOST" "$DOCKER_CREDS_USR" "$DOCKER_CREDS_PSW"
+    else
+      die "No credentials available for $HOST"
+    fi
+    ;;
+  *)
+    die "Unsupported operation"
+    ;;
+esac
diff --git a/plugins/docker/docker.go b/plugins/docker/docker.go
@@ -0,0 +1,24 @@
+package docker
+
+import (
+	"github.com/1Password/shell-plugins/sdk"
+	"github.com/1Password/shell-plugins/sdk/needsauth"
+	"github.com/1Password/shell-plugins/sdk/schema"
+)
+
+func DockerCLI() schema.Executable {
+	return schema.Executable{
+		Name:    "Docker CLI", // TODO: Check if this is correct
+		Runs:    []string{"docker"},
+		DocsURL: sdk.URL("https://docker.com/docs/cli"), // TODO: Replace with actual URL
+		NeedsAuth: needsauth.IfAll(
+			needsauth.NotForHelpOrVersion(),
+			needsauth.NotWithoutArgs(),
+		),
+		Uses: []schema.CredentialUsage{
+			{
+				Name: "credname.UserLogin",
+			},
+		},
+	}
+}
diff --git a/plugins/docker/plugin.go b/plugins/docker/plugin.go
@@ -0,0 +1,22 @@
+package docker
+
+import (
+	"github.com/1Password/shell-plugins/sdk"
+	"github.com/1Password/shell-plugins/sdk/schema"
+)
+
+func New() schema.Plugin {
+	return schema.Plugin{
+		Name: "docker",
+		Platform: schema.PlatformInfo{
+			Name:     "Docker",
+			Homepage: sdk.URL("https://docker.com"), // TODO: Check if this is correct
+		},
+		Credentials: []schema.CredentialType{
+			UserCredentials(),
+		},
+		Executables: []schema.Executable{
+			DockerCLI(),
+		},
+	}
+}
diff --git a/plugins/docker/provisioner.go b/plugins/docker/provisioner.go
@@ -0,0 +1,28 @@
+package docker
+
+import (
+	"context"
+	"github.com/1Password/shell-plugins/sdk"
+)
+
+type DockerProvisioner struct {
+}
+
+func dockerConfig(in sdk.ProvisionInput) ([]byte, error) {
+	return []byte(`{
+        "auths": {
+                "https://index.docker.io/v1/": {
+                        "credHelper": "envvars"
+                }
+        },
+        "currentContext": "desktop-linux"
+}`), nil
+}
+
+func (d DockerProvisioner) Deprovision(ctx context.Context, in sdk.DeprovisionInput, out *sdk.DeprovisionOutput) {
+	// Nothing to do here: environment variables get wiped automatically when the process exits.
+}
+
+func (d DockerProvisioner) Description() string {
+	return "Provision environment variables with temporary STS credentials AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN"
+}
diff --git a/plugins/docker/user_credentials.go b/plugins/docker/user_credentials.go
@@ -0,0 +1,67 @@
+package docker
+
+import (
+	"context"
+	"github.com/1Password/shell-plugins/sdk"
+	"github.com/1Password/shell-plugins/sdk/importer"
+	"github.com/1Password/shell-plugins/sdk/provision"
+	"github.com/1Password/shell-plugins/sdk/schema"
+	"github.com/1Password/shell-plugins/sdk/schema/fieldname"
+)
+
+func UserCredentials() schema.CredentialType {
+	return schema.CredentialType{
+		Name:          "",                                                         // TODO: Register name in project://sdk/schema/credname/names.go
+		DocsURL:       sdk.URL("https://docker.com/docs/user_credentials"),        // TODO: Replace with actual URL
+		ManagementURL: sdk.URL("https://console.docker.com/user/security/tokens"), // TODO: Replace with actual URL
+		Fields: []schema.CredentialField{
+			{
+				Name:                fieldname.Username,
+				MarkdownDescription: " used to authenticate to Docker.",
+			},
+			{
+				Name:                fieldname.Password,
+				MarkdownDescription: " used to authenticate to Docker.",
+				Secret:              true,
+			},
+		},
+		DefaultProvisioner: provision.TempFile(dockerConfig, provision.AtFixedPath("~/.docker/config.json")),
+		Importer: importer.TryAll(
+			TryDockerConfigFile(),
+		)}
+}
+
+type PerHostAuth struct {
+	UsernamePassword string `json:"auth"`
+}
+
+type Config struct {
+	Auths map[string]PerHostAuth `json:"auths"`
+}
+
+// TODO: Check if the platform stores the User Credentials in a local config file, and if so,
+// implement the function below to add support for importing it.
+func TryDockerConfigFile() sdk.Importer {
+	return importer.TryFile("~/path/to/config/file.yml", func(ctx context.Context, contents importer.FileContents, in sdk.ImportInput, out *sdk.ImportAttempt) {
+		// var config Config
+		// if err := contents.ToYAML(&config); err != nil {
+		// 	out.AddError(err)
+		// 	return
+		// }
+
+		// if config. == "" {
+		// 	return
+		// }
+
+		// out.AddCandidate(sdk.ImportCandidate{
+		// 	Fields: map[sdk.FieldName]string{
+		// 		fieldname.: config.,
+		// 	},
+		// })
+	})
+}
+
+// TODO: Implement the config file schema
+// type Config struct {
+//	 string
+// }
diff --git a/plugins/docker/user_credentials_test.go b/plugins/docker/user_credentials_test.go
@@ -0,0 +1,55 @@
+package docker
+
+import (
+	"testing"
+	
+	"github.com/1Password/shell-plugins/sdk"
+	"github.com/1Password/shell-plugins/sdk/plugintest"
+	"github.com/1Password/shell-plugins/sdk/schema/fieldname"
+)
+	
+func TestUserCredentialsProvisioner(t *testing.T) {
+	plugintest.TestProvisioner(t, UserCredentials().DefaultProvisioner, map[string]plugintest.ProvisionCase{
+		"default": {
+			ItemFields: map[sdk.FieldName]string{ // TODO: Check if this is correct
+				fieldname.: "7nJeRV69EYA3zvEjpSmwb5GEXAMPLE",
+			},
+			ExpectedOutput: sdk.ProvisionOutput{
+				Environment: map[string]string{
+					"DOCKER": "7nJeRV69EYA3zvEjpSmwb5GEXAMPLE",
+				},
+			},
+		},
+	})
+}
+
+func TestUserCredentialsImporter(t *testing.T) {
+	plugintest.TestImporter(t, UserCredentials().Importer, map[string]plugintest.ImportCase{
+		"environment": {
+			Environment: map[string]string{ // TODO: Check if this is correct
+				"DOCKER": "7nJeRV69EYA3zvEjpSmwb5GEXAMPLE",
+			},
+			ExpectedCandidates: []sdk.ImportCandidate{
+				{
+					Fields: map[sdk.FieldName]string{
+						fieldname.: "7nJeRV69EYA3zvEjpSmwb5GEXAMPLE",
+					},
+				},
+			},
+		},
+		// TODO: If you implemented a config file importer, add a test file example in docker/test-fixtures
+		// and fill the necessary details in the test template below.
+		"config file": {
+			Files: map[string]string{
+				// "~/path/to/config.yml": plugintest.LoadFixture(t, "config.yml"),
+			},
+			ExpectedCandidates: []sdk.ImportCandidate{
+			// 	{
+			// 		Fields: map[sdk.FieldName]string{
+			// 			fieldname.Token: "7nJeRV69EYA3zvEjpSmwb5GEXAMPLE",
+			// 		},
+			// 	},
+			},
+		},
+	})
+}
