Feature Request - Access vault from inside docker container
Background
At our work, we spawn a Docker container that contains the tooling required to build our Yocto-based OS image. We want to pull a key from our shared 1Password vault and inject it into our OS image. Developers all have the op plugin installed and are logged in to their accounts.
Problem
If we install the op CLI inside the Docker image, developers have to log in to their account again when they spawn the container to get access to the vault. This is cumbersome. Our workaround is to have developers run a script before spawning the container that opens the vault on their host machine, accesses the vault through the op CLI, and grabs the key. We currently write it to disk on the host and mount that into the Docker container, which is a potential security vulnerability that we'd like to avoid.
Proposed Solution
I'd like to install the op plugin into our builder Docker image and access the op CLI from the host. We can do that for things like SSH - we mount the SSH_AUTH_SOCK into the container and it just proxies requests back into the host. Could there be a domain socket for the op CLI to allow us to do something similar?
Similar Requests
Feature Request: First-Class Support for Dev Containers and 'op' CLI | 1Password Community - but not just for devcontainers, more generic.
