Docker image for the cli

aaronpowell
aaronpowell
Community Member

I wanted an easy way to test the cli tool but didn't want to have to install it, so I've created a Docker image for it: https://hub.docker.com/r/aaronpowell/1password-cli/ (GitHub repo: https://github.com/aaronpowell/1password-cli-docker).

Feedback welcome :smile:


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Cool! Thanks for doing that. As we work towards the 1.0 we'll be looking at finding more ways of distributing the build.

    Rick

  • cohix
    cohix
    1Password Alumni

    @aaronpowell That's fantastic, thanks for doing that :)

  • aaronpowell
    aaronpowell
    Community Member

    @cohix - image updated and a new tag is out for it.

    I want to create an alpine image, but I need to work out how (if at all) I can run the cli on alpine (last night I didn't get far)

  • Let us know if there's any information that we could provide that could help you with that.

    Rick

  • bombsimon
    bombsimon
    Community Member

    Sorry to bump this but I just now found out about this CLI tool. Since I didn't find an image at your docker hub using alpine I made one.

    FROM alpine:latest
    
    RUN apk add --update \
        bash curl libc6-compat unzip jq && \
        curl -o 1password.zip https://cache.agilebits.com/dist/1P/op/pkg/v0.1.1/op_linux_amd64_v0.1.1.zip && \
        unzip 1password.zip -d /usr/bin && \
        rm 1password.zip
    
    ENTRYPOINT /bin/bash
    

    And seems to be working

    $ docker exec op_alpine_1 op --version
    0.1.1
    
  • cohix
    cohix
    1Password Alumni

    @bombsimon That's awesome! I'll give it a try later on.

  • Smudge
    Smudge
    Community Member

    @rickfillion So that we can script install and updates, would it be possible for your Release Engineering Team to create static symbolic links that point to the latest beta and release files?

    This way scripts like the Docker one above would not have to be updated every time a new version is available. We could use commands like these in the scripts.
    curl -o 1P-beta.zip https://cache.agilebits.com/dist/1P/op/pkg/op_darwin_386_latest.zip
    curl -o 1P-release.zip https://cache.agilebits.com/dist/1P/op/pkg/op_darwin_386_current.zip

    For example, here would be a static link for "latest" which is pointing to the most recent beta version
    /dist/1P/op/pkg/op_darwin_386_latest.zip -> v0.1.1/op_darwin_386_v0.1.1.zip

    When the non-beta 1.0 version is released, they would create
    /dist/1P/op/pkg/op_darwin_386_current.zip -> v1.0.0/op_darwin_386_v1.0.0.zip
    but also set "latest" to the same.
    /dist/1P/op/pkg/op_darwin_386_latest.zip -> v1.0.0/op_darwin_386_v1.0.0.zip
    or even
    /dist/1P/op/pkg/op_darwin_386_latest.zip -> op_darwin_386_current.zip

    I hope they are using automated scripts to build and push the files to the web server. If so, it would be a minor addition to the scripts to do this automatically for each release.

    Thanks

  • I think our update server already makes this possible, I'll just need to talk to our ops team to have them remind me how it can be done. I have a feeling that it might not like the fact that we have 74 different platforms though (ok I exaggerate a little).

    Rick

  • OK I found out what it was that I was remembering, and while it might work I suspect you'll tell me that it's a little more work than you're looking to do.

    Our update server has an endpoint https://app-updates.agilebits.com/latest

    It can tell you about the latest releases of our apps. So you could use its response's CLI.release.version in order to create the URL you're looking for. Not being super familiar with docker scripts I'm not sure what's all possible there.

    Rick

  • dvalentiate
    dvalentiate
    Community Member

    I've been able to get the 1Password cli working with the following, which produces a 9.78MB docker image.

    FROM alpine:latest as build
    
    RUN apk --no-cache add curl && \
      curl -o 1password.zip https://cache.agilebits.com/dist/1P/op/pkg/v0.2/op_linux_386_v0.2.zip && \
      unzip 1password.zip op -d /usr/bin && \
      rm 1password.zip
    
    FROM alpine:latest
    
    COPY --from=build /usr/bin/op /usr/bin/
    
    RUN apk --no-cache add ca-certificates
    
    CMD /bin/sh
    

    Save the above to a empty folder as Dockerfile

    Build it in that directory with

    docker build -t 1password-cli .
    

    Use it with

    docker run --rm -it 1password-cli
    

    and then the usual op commands such as

    eval $(op signin <account> <email> <secret-key>)
    op get item --vault="<valut>" "<key>"
    
  • cohix
    cohix
    1Password Alumni

    Fantastic @dvalentiate that's great :) We'll keep that in mind if we decide to provide an official Docker image.

  • dvalentiate
    dvalentiate
    Community Member

    Update for version 0.3

    Dockerfile

    FROM alpine:latest as build
    ENV OP_CLI_VERSION=v0.3
    RUN apk --no-cache add curl && \
      curl -sS -o 1password.zip https://cache.agilebits.com/dist/1P/op/pkg/${OP_CLI_VERSION}/op_linux_386_${OP_CLI_VERSION}.zip && \
      unzip 1password.zip op -d /usr/bin && \
      rm 1password.zip
    FROM alpine:latest
    COPY --from=build /usr/bin/op /usr/bin/
    RUN apk --no-cache add ca-certificates
    ENV USER=root
    ENTRYPOINT ["/usr/bin/op"]
    

    build with

    docker build -t 1password .
    

    and usage like docker run -it --rm 1password <command>. Example:

    docker run -it --rm 1password signin <account>.1password.com <email> <secret-key>
    
  • AGAlumB
    AGAlumB
    1Password Alumni

    Awesome! Thank you! :chuffed:

  • Moritz_
    Moritz_
    Community Member

    I just stumbled across this thread as I was also building a script that fetches the latest CLI build for initial installation.
    The https://app-updates.agilebits.com/latest endpoint doesn't list a URL for the op.
    I was wondering if you would think about adding a URL for latest version directly rather than me having to build the URL string myself.
    Not that I couldn't, that's how I worked around that, but a jq command for the URL directly would've been neat too!

  • Yeah it'd be nice for us to have the support for 'latest' there. We're currently in the process of redoing our app-updates service so I hope we can get it into the new version. In the mean time this should work:

    #! /bin/bash
    
    VERSION=$(curl https://app-updates.agilebits.com/check/1/0/CLI/en/0.1 | jq -r '.version')
    URL="https://cache.agilebits.com/dist/1P/op/pkg/v$VERSION/op_linux_amd64_v$VERSION.zip"
    
  • Moritz_
    Moritz_
    Community Member

    Ahh good to know for that there might be a change some time - will keep this in mind when something is not working as expected in my scripts :P

  • AGAlumB
    AGAlumB
    1Password Alumni

    Haha indeed, definitely reach out if you run into any issues, since two out of the three possible causes (user error, intentional app change, or bug) will be ours. ;)

This discussion has been closed.