Overview

This PR adds a new shell plugin for CockroachDB that enables secure credential management for the cockroach sql command. The plugin supports both local development (insecure mode) and production environments (secure TLS connections) through environment variable configuration.

Type of change

• Created a new plugin
• Improved an existing plugin
• Fixed a bug in an existing plugin
• Improved contributor utilities or experience

Related Issue(s)

• Resolves: #
• Relates: #

How To Test

tl;dr There's a demo. https://streamable.com/btqzp5. It goes from a clean DB credential creation, renaming fields to match the expected format, etc.

Apologies for the streamable link, but GitHub has a 10mb file size limit and the mp4 demo video was already 58 or so mb.

1. Set up database credentials in 1Password with the following fields:

   • Host: localhost
   • Port: 26257
   • User: root
   • Database: defaultdb
   • insecure: 1 (for local development)

2. Test with local CockroachDB instance:

   # Start CockroachDB in insecure mode
   cockroach start-single-node --insecure --listen-addr=localhost:26257
   
   # Test the plugin
   op run -- cockroach sql

3. Test environment variable import:

   export COCKROACH_HOST=localhost
   export COCKROACH_PORT=26257
   export COCKROACH_USER=root
   export COCKROACH_INSECURE=1
   op plugin init cockroachdb

4. Run plugin validation:

   go run cmd/contrib/main.go cockroachdb/validate

Changelog

The CockroachDB plugin enables authentication for the cockroach sql command using Touch ID and other unlock options with 1Password Shell Plugins.