This repository has been archived on 2024-04-08. You can view files and clone it, but cannot push or open issues or pull requests.
dagger/stdlib/docker/docker.cue

184 lines
3.2 KiB
CUE
Raw Normal View History

package docker
import (
"dagger.io/dagger"
"dagger.io/dagger/op"
)
// Build a Docker image from source, using included Dockerfile
#Build: {
source: dagger.#Artifact @dagger(input)
#up: [
op.#DockerBuild & {
context: source
},
]
}
// Pull a docker container
#Pull: {
// Remote ref (example: "index.docker.io/alpine:latest")
from: string @dagger(input)
#up: [
op.#FetchContainer & {ref: from},
]
}
// Push a docker image
#Push: {
// Remote ref (example: "index.docker.io/alpine:latest")
ref: string @dagger(input)
// Image
source: dagger.#Artifact @dagger(input)
#up: [
op.#Load & {from: source},
op.#PushContainer & {"ref": ref},
]
}
#Run: {
// Remote host
host: string @dagger(input)
// Remote user
user: string @dagger(input)
// Ssh remote port
port: *22 | int @dagger(input)
// Ssh private key
key: dagger.#Secret @dagger(input)
// User fingerprint
fingerprint?: string @dagger(input)
// Ssh passphrase
passphrase?: dagger.#Secret @dagger(input)
// Image reference (e.g: nginx:alpine)
ref: string @dagger(input)
// Container name
name?: string @dagger(input)
// Image registry
registry?: {
target: string
username: string
secret: dagger.#Secret
} @dagger(input)
#code: #"""
export DOCKER_HOST="ssh://$DOCKER_USERNAME@$DOCKER_HOSTNAME:\#(port)"
# Start ssh-agent
eval $(ssh-agent) > /dev/null
# Add key
message="$(ssh-keygen -y -f /key < /dev/null 2>&1)" || {
>&2 echo "$message"
exit 1
}
ssh-add /key > /dev/null
if [ "$?" != 0 ]; then
exit 1
fi
if [[ ! -z $FINGERPRINT ]]; then
mkdir -p "$HOME"/.ssh
# Add user's fingerprint to known hosts
echo "$FINGERPRINT" >> "$HOME"/.ssh/known_hosts
else
# Add host to known hosts
ssh -i /key -o "UserKnownHostsFile "$HOME"/.ssh/known_hosts" -o "StrictHostKeyChecking accept-new" -p \#(port) "$DOCKER_USERNAME"@"$DOCKER_HOSTNAME" /bin/true > /dev/null 2>&1
fi
# Run detach container
OPTS=""
if [ ! -z "$CONTAINER_NAME" ]; then
OPTS="$OPTS --name $CONTAINER_NAME"
fi
docker container run -d $OPTS \#(ref)
"""#
#up: [
op.#Load & {from: #Client},
if registry != _|_ {
op.#DockerLogin & {registry}
},
if passphrase != _|_ {
op.#WriteFile & {
content: #"""
#!/bin/bash
cat /passphrase
"""#
dest: "/get_passphrase"
mode: 0o500
}
},
op.#WriteFile & {
content: #code
dest: "/entrypoint.sh"
},
op.#Exec & {
always: true
args: [
"/bin/sh",
"--noprofile",
"--norc",
"-eo",
"pipefail",
"/entrypoint.sh",
]
env: {
DOCKER_HOSTNAME: host
DOCKER_USERNAME: user
if passphrase != _|_ {
SSH_ASKPASS: "/get_passphrase"
DISPLAY: "1"
}
if name != _|_ {
CONTAINER_NAME: name
}
if fingerprint != _|_ {
FINGERPRINT: fingerprint
}
}
mount: {
"/key": secret: key
if passphrase != _|_ {
"/passphrase": secret: passphrase
}
}
},
]
}
// Build a Docker image from the provided Dockerfile contents
// FIXME: incorporate into #Build
#ImageFromDockerfile: {
dockerfile: string @dagger(input)
context: dagger.#Artifact @dagger(input)
#up: [
op.#DockerBuild & {
"context": context
"dockerfile": dockerfile
},
]
}