package main
import (
"dagger.io/dagger"
"dagger.io/dagger/core"
)
dagger.#Plan & {
client: env: TESTSECRET: dagger.#Secret
actions: {
image: core.#Pull & {
source: "alpine:3.15.0@sha256:e7d88de73db3d3fd9b2d63aa7f447a10fd0220b7cbf39803c803f2af9ba256b3"
}
test: {
verify: core.#Exec & {
input: image.output
mounts: secret: {
dest: "/run/secrets/test"
contents: client.env.TESTSECRET
args: [
"sh", "-c",
#"""
test "$(cat /run/secrets/test)" = "hello world"
ls -l /run/secrets/test | grep -- "-r--------"
"""#,
]
verifyPerm: core.#Exec & {
uid: 42
gid: 24
mask: 0o666
ls -l /run/secrets/test | grep -- "-rw-rw-rw-"
ls -l /run/secrets/test | grep -- "42"
ls -l /run/secrets/test | grep -- "24"