Add Descope Shell Plugin #570
Conversation
Marton6
left a comment
There was a problem hiding this comment.
Looks great! Thank you for the contribution.
Left one blocking comment, and some general notes on the review process.
| // TODO: Check if the platform stores the Management Key in a local config file, and if so, | ||
| // implement the function below to add support for importing it. | ||
| func TryDescopeConfigFile() sdk.Importer { | ||
| return importer.TryFile("~/path/to/config/file.yml", func(ctx context.Context, contents importer.FileContents, in sdk.ImportInput, out *sdk.ImportAttempt) { | ||
| // var config Config |
There was a problem hiding this comment.
Based on the docs, the descope CLI doesn't store credentials on disk and doesn't support provisioning credentials from a file on disk, therefore we can leave out this function, the config struct below and the related test.
These are added to encourage contributors to double check if config files can also store credentials, but should be removed if not used, since having some unused code makes it harder to interpret the meaning of code and increases the risk of bugs.
| func ManagementKey() schema.CredentialType { | ||
| return schema.CredentialType{ | ||
| Name: credname.ManagementKey, | ||
| DocsURL: sdk.URL("https://docs.descope.com/cli/descope"), |
There was a problem hiding this comment.
Note: Here we would usually put a link to documentation explaining what descope management keys are and how they work. Unfortunately, the descope docs don't seem to have a separate page explaining what descope management keys are, so there is nothing good for us to link here.
So in this case, I believe it's fine to use this link in the case of this shell plugin.
| Host = sdk.FieldName("Host") | ||
| HostAddress = sdk.FieldName("Host Address") | ||
| Key = sdk.FieldName("Key") | ||
| ManagementKey = sdk.FieldName("Management Key") |
There was a problem hiding this comment.
Note: Usually I would have suggested using an existing field name instead of adding new ones, however, since the descope CLI has both "Management Keys" and "Access Keys" it is important to be clear to the descope and 1Password users with regards to which of these keys we're referring to. Therefore I think it is a great call to introduce this new field name here.
Overview
This PR adds a shell plugin for Descope (https://www.descope.com). Currently it supports the authentication of an admin using a Project ID and Management Key.
I am not a Descope user, so the nuances of that service are not well known to me. This may need to be reverted to draft if the main value lies in non-Descope admin CLI users. If that's the case I'll have to add functionality to handle Access Keys as well.
References:
Type of change
Related Issue(s)
How To Test
Reference: https://docs.descope.com/cli/descope
op plugin init descopeas prompted.Changelog
Authenticate into the Descope CLI as a Descope account admin.