Extension should provide a command to retrieve a secret's actual value.

[mbenson]

Summary

A command to retrieve a secret's value as a string is a useful addition to the features provided.

Use cases

A debug process may require the a secret value as an environment variable or application parameter. The extension should support the injection of secrets directly from 1Password, avoiding the need to compromise security by providing secrets at rest in launch.json or .env files.

Proposed solution

The proposed getValueFromReference command would support the strategies outlined in VS Code documentation and make it possible to declare inputs that securely provide secret values (the existing getValueFromItem command, in its default "use reference" mode, is appropriate for setting up the input declaration).

Is there a workaround to accomplish this today?

I am not aware of any such workaround.

References & Prior Work

• [https://code.visualstudio.com/docs/reference/variables-reference#_input-variables]

[mjec]

I would also find this useful. My particular use case involves injecting a secret into the environment for a task running on a remote host without having to give that host direct access to the secret (I don't want to store e.g. a service account key on the host).