added support for username:password
Signed-off-by: Richard Jones <richard@dagger.io>
This commit is contained in:
parent
a49d794409
commit
0295dc6340
@ -3,8 +3,10 @@ package task
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"net/url"
|
"net/url"
|
||||||
|
"strings"
|
||||||
|
|
||||||
"github.com/moby/buildkit/client/llb"
|
"github.com/moby/buildkit/client/llb"
|
||||||
|
"github.com/rs/zerolog/log"
|
||||||
"go.dagger.io/dagger/compiler"
|
"go.dagger.io/dagger/compiler"
|
||||||
"go.dagger.io/dagger/plancontext"
|
"go.dagger.io/dagger/plancontext"
|
||||||
"go.dagger.io/dagger/solver"
|
"go.dagger.io/dagger/solver"
|
||||||
@ -18,53 +20,65 @@ type gitPullTask struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (c gitPullTask) Run(ctx context.Context, pctx *plancontext.Context, s solver.Solver, v *compiler.Value) (*compiler.Value, error) {
|
func (c gitPullTask) Run(ctx context.Context, pctx *plancontext.Context, s solver.Solver, v *compiler.Value) (*compiler.Value, error) {
|
||||||
remote, err := v.Lookup("remote").String()
|
var gitPull struct {
|
||||||
if err != nil {
|
Remote string
|
||||||
return nil, err
|
Ref string
|
||||||
}
|
KeepGitDir bool
|
||||||
ref, err := v.Lookup("ref").String()
|
Username string
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
}
|
||||||
|
|
||||||
remoteRedacted := remote
|
if err := v.Decode(&gitPull); err != nil {
|
||||||
if u, err := url.Parse(remote); err == nil {
|
return nil, err
|
||||||
remoteRedacted = u.Redacted()
|
|
||||||
}
|
}
|
||||||
|
|
||||||
gitOpts := []llb.GitOption{}
|
gitOpts := []llb.GitOption{}
|
||||||
var opts struct {
|
|
||||||
KeepGitDir bool
|
|
||||||
}
|
|
||||||
|
|
||||||
if err := v.Decode(&opts); err != nil {
|
lg := log.Ctx(ctx)
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
if opts.KeepGitDir {
|
if gitPull.KeepGitDir {
|
||||||
|
lg.Debug().Str("keepGitDir", "true").Msg("adding git option")
|
||||||
gitOpts = append(gitOpts, llb.KeepGitDir())
|
gitOpts = append(gitOpts, llb.KeepGitDir())
|
||||||
}
|
}
|
||||||
|
|
||||||
// Secret
|
if gitPull.Username != "" {
|
||||||
if authToken := v.Lookup("authToken"); authToken.Exists() {
|
pwd := v.Lookup("password")
|
||||||
|
|
||||||
|
pwdSecret, err := pctx.Secrets.FromValue(pwd)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
remote, err := url.Parse(gitPull.Remote)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
remote.User = url.UserPassword(gitPull.Username, strings.TrimSpace(pwdSecret.PlainText()))
|
||||||
|
gitPull.Remote = remote.String()
|
||||||
|
} else if authToken := v.Lookup("authToken"); plancontext.IsSecretValue(authToken) {
|
||||||
authTokenSecret, err := pctx.Secrets.FromValue(authToken)
|
authTokenSecret, err := pctx.Secrets.FromValue(authToken)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
lg.Debug().Str("authToken", "***").Msg("adding git option")
|
||||||
gitOpts = append(gitOpts, llb.AuthTokenSecret(authTokenSecret.ID()))
|
gitOpts = append(gitOpts, llb.AuthTokenSecret(authTokenSecret.ID()))
|
||||||
}
|
} else if authHeader := v.Lookup("authHeader"); plancontext.IsSecretValue(authHeader) {
|
||||||
|
|
||||||
if authHeader := v.Lookup("authHeader"); authHeader.Exists() {
|
|
||||||
authHeaderSecret, err := pctx.Secrets.FromValue(authHeader)
|
authHeaderSecret, err := pctx.Secrets.FromValue(authHeader)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
lg.Debug().Str("authHeader", "***").Msg("adding git option")
|
||||||
gitOpts = append(gitOpts, llb.AuthHeaderSecret(authHeaderSecret.ID()))
|
gitOpts = append(gitOpts, llb.AuthHeaderSecret(authHeaderSecret.ID()))
|
||||||
}
|
}
|
||||||
|
|
||||||
gitOpts = append(gitOpts, withCustomName(v, "FetchGit %s@%s", remoteRedacted, ref))
|
remoteRedacted := gitPull.Remote
|
||||||
|
if u, err := url.Parse(gitPull.Remote); err == nil {
|
||||||
|
remoteRedacted = u.Redacted()
|
||||||
|
}
|
||||||
|
|
||||||
st := llb.Git(remote, ref, gitOpts...)
|
gitOpts = append(gitOpts, withCustomName(v, "GitPull %s@%s", remoteRedacted, gitPull.Ref))
|
||||||
|
|
||||||
|
st := llb.Git(gitPull.Remote, gitPull.Ref, gitOpts...)
|
||||||
|
|
||||||
result, err := s.Solve(ctx, st, pctx.Platform.Get())
|
result, err := s.Solve(ctx, st, pctx.Platform.Get())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -11,12 +11,21 @@ package engine
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Pull a directory from a git remote
|
// Pull a directory from a git remote
|
||||||
|
// Note: do not add credentials to the remote url: e.g: https://username:password@github.com
|
||||||
|
// as this will expose those in logs. By using username and password (as #Secret) Dagger will
|
||||||
|
// url encode them for you
|
||||||
#GitPull: {
|
#GitPull: {
|
||||||
$dagger: task: _name: "GitPull"
|
$dagger: task: _name: "GitPull"
|
||||||
remote: string
|
remote: string
|
||||||
ref: string
|
ref: string
|
||||||
authToken?: #Secret
|
keepGitDir: true | *false
|
||||||
authHeader?: #Secret
|
{
|
||||||
keepGitDir: true | *false
|
username: string
|
||||||
output: #FS
|
password: #Secret // can be password or personal access token
|
||||||
|
} | {
|
||||||
|
authToken: #Secret
|
||||||
|
} | {
|
||||||
|
authHeader: #Secret
|
||||||
|
}
|
||||||
|
output: #FS
|
||||||
}
|
}
|
||||||
|
@ -3,27 +3,29 @@ package main
|
|||||||
import "alpha.dagger.io/europa/dagger/engine"
|
import "alpha.dagger.io/europa/dagger/engine"
|
||||||
|
|
||||||
engine.#Plan & {
|
engine.#Plan & {
|
||||||
inputs: secrets: TestPAT: command: {
|
inputs: secrets: token: command: {
|
||||||
name: "sops"
|
name: "sops"
|
||||||
args: ["exec-env", "./privateRepo.enc.yaml", "echo $data"]
|
args: ["exec-env", "./privateRepo.enc.yaml", "echo $data"]
|
||||||
}
|
}
|
||||||
|
|
||||||
actions: {
|
actions: {
|
||||||
alpine: engine.#Pull & {
|
alpine: engine.#Pull & {
|
||||||
source: "alpine:3.15.0@sha256:e7d88de73db3d3fd9b2d63aa7f447a10fd0220b7cbf39803c803f2af9ba256b3"
|
source: "alpine:3.15.0"
|
||||||
}
|
}
|
||||||
|
|
||||||
testRepo: engine.#GitPull & {
|
testRepo: engine.#GitPull & {
|
||||||
remote: "https://github.com/dagger/dagger.git"
|
remote: "https://github.com/dagger/dagger.git"
|
||||||
ref: "main"
|
ref: "main"
|
||||||
authToken: inputs.secrets.TestPAT.contents
|
username: "dagger-test"
|
||||||
|
password: inputs.secrets.token.contents
|
||||||
}
|
}
|
||||||
|
|
||||||
testContent: engine.#Exec & {
|
testContent: engine.#Exec & {
|
||||||
input: alpine.output
|
input: alpine.output
|
||||||
always: true
|
always: true
|
||||||
args: ["ls", "-l", "/input/repo | grep 'universe -> stdlib'"]
|
args: ["ls", "-l", "/repo"]
|
||||||
mounts: inputRepo: {
|
mounts: inputRepo: {
|
||||||
dest: "/input/repo"
|
dest: "/repo"
|
||||||
contents: testRepo.output
|
contents: testRepo.output
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Reference in New Issue
Block a user