How to provide secrets as env vars during VS Code debug session (Python)?

nskio
nskio
Community Member

I've been looking for a soln that allows me to provide my secrets to services that doesn't require me to store them in an unencrypted format on my machine. op run works brilliantly with secret references, but in doing so it's effectively broken my ability to use the VSCode debugger while authoring my Python, which is somewhat of a deal breaker.

I don't think this is specific to python, but in general, how is it recommended to provide secret values while also continuing to be able to debug Python (or anything, really) with VS Code? Are there any general patterns that the community uses?


1Password Version: 2.18.0
Extension Version: Not Provided
OS Version: Arch Linux
Browser:_ Not Provided

Comments

  • Hi @nskio,

    Does our 1Password VS Code extension cover your use case? https://developer.1password.com/docs/vscode/

    If not, I would love to hear of any gaps in it that we might be able to look into plugging.

    Thank you!
    Amanda

  • nskio
    nskio
    Community Member

    I was unaware this was available, I will definitely give this a try and report back!

  • I look forward to hearing about your experience!

    Amanda

  • nskio
    nskio
    Community Member

    I took a look at the extension and installed it. Unless I missed something, it seems like this helps with browsing your 1password values and inserting references.

    What I'm trying to do is understand the right way to configure a Launch configuration that utilizes one password to inject its secrets into the runtime so they can be utilized during debugging. The obvious choice I think is to set the launch configuration to run op run, but I'm not sure if this will break debugging due to something like process forking. I'll continue to experiment and report back.

This discussion has been closed.