Add auth to Git.#Repository
Signed-off-by: Guillaume de Rouville <guillaume.derouville@gmail.com>
This commit is contained in:
parent
3b0e3f6919
commit
08f395b70d
@ -37,6 +37,8 @@ A git repository
|
|||||||
|*remote* | `string` |Git remote. Example: `"https://github.com/dagger/dagger"` |
|
|*remote* | `string` |Git remote. Example: `"https://github.com/dagger/dagger"` |
|
||||||
|*ref* | `string` |Git ref: can be a commit, tag or branch. Example: "main" |
|
|*ref* | `string` |Git ref: can be a commit, tag or branch. Example: "main" |
|
||||||
|*subdir* | `*null \| string` |(optional) Subdirectory |
|
|*subdir* | `*null \| string` |(optional) Subdirectory |
|
||||||
|
|*authToken* | `dagger.#Secret` |(optional) Add Personal Access Token |
|
||||||
|
|*authHeader* | `dagger.#Secret` |(optional) Add OAuth Token |
|
||||||
|
|
||||||
### git.#Repository Outputs
|
### git.#Repository Outputs
|
||||||
|
|
||||||
|
@ -816,15 +816,15 @@ func (p *Pipeline) FetchGit(ctx context.Context, op *compiler.Value, st llb.Stat
|
|||||||
gitOpts = append(gitOpts, llb.KeepGitDir())
|
gitOpts = append(gitOpts, llb.KeepGitDir())
|
||||||
}
|
}
|
||||||
// Secret
|
// Secret
|
||||||
if authTokenSecret := op.Lookup("authTokenSecret"); authTokenSecret.Exists() {
|
if authToken := op.Lookup("authToken"); authToken.Exists() {
|
||||||
id, err := getSecretID(authTokenSecret)
|
id, err := getSecretID(authToken)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return st, err
|
return st, err
|
||||||
}
|
}
|
||||||
gitOpts = append(gitOpts, llb.AuthTokenSecret(id))
|
gitOpts = append(gitOpts, llb.AuthTokenSecret(id))
|
||||||
}
|
}
|
||||||
if authHeaderSecret := op.Lookup("authHeaderSecret"); authHeaderSecret.Exists() {
|
if authHeader := op.Lookup("authHeader"); authHeader.Exists() {
|
||||||
id, err := getSecretID(authHeaderSecret)
|
id, err := getSecretID(authHeader)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return st, err
|
return st, err
|
||||||
}
|
}
|
||||||
|
7
stdlib/.dagger/env/git/values.yaml
vendored
7
stdlib/.dagger/env/git/values.yaml
vendored
@ -1,6 +1,9 @@
|
|||||||
plan:
|
plan:
|
||||||
package: ./git/tests
|
package: ./git/tests
|
||||||
name: git
|
name: git
|
||||||
|
inputs:
|
||||||
|
TestPAT:
|
||||||
|
secret: ENC[AES256_GCM,data:7s1tSIpIDNBhAFupdjb7KtPbjKrCd5tXupr3RQF2N3Xu5XGuTZMgoQ==,iv:I+SVYLnjgMffvNg6BMB6m1lj+VVH5sDK0aIEAWPcyLY=,tag:TcfJ6LVps8dXVZGZy3T2ew==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
@ -16,8 +19,8 @@ sops:
|
|||||||
TmhJNisyamw3d244aGVJSEVFVUVLZGsKvd+nowA0CLXQbdvyI4J0lBjs9vdISWlo
|
TmhJNisyamw3d244aGVJSEVFVUVLZGsKvd+nowA0CLXQbdvyI4J0lBjs9vdISWlo
|
||||||
gGvR49uul3Z8raVWXFUzsyQ8xTvYNg0ovynFG2KdagSKr1DlhKMBEQ==
|
gGvR49uul3Z8raVWXFUzsyQ8xTvYNg0ovynFG2KdagSKr1DlhKMBEQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2021-07-08T09:54:31Z"
|
lastmodified: "2021-08-26T13:44:11Z"
|
||||||
mac: ENC[AES256_GCM,data:pFrhyJQLJ1zQJmXQWQtmkeraiTHCKvOEr+TVgYQ6EZsei+dL+VUVWDgeHLkonxwh9eBPyAtB1cfxPc+1xVnMCqmFPVZMZ0P+CNgaOTcHk38UzOHyCcjw18AjROuEYffat8XbmjwKaSX+XRvMiC53BTrZkXt6os7hfikrySEot3A=,iv:W9S+qlvAB3gXFhUTpE17Fm/lQK6DTo7mmdzL3LjCVWQ=,tag:/fETJit+AXZ/OjIjz0TPhA==,type:str]
|
mac: ENC[AES256_GCM,data:ttmpbzhrVFEGh/oJF4TtMvf99rutPBbzp9cIaqakIl+5nxqOkuAakgvf7IIMBG235zdyMvIXZZh6NLYG51PZA1hKNMg5Pqqba9GOSvFCHasWzNJ3pi5SLBGD02ivDfkSMbEHeOCUhnG1X4LxkYL9j+fb4tQt1Btv1hiIAcIa+eY=,iv:WxuW+0yJYtNqAB0y1nji9c3lzn4Pftir8uZojcdphng=,tag:yvcIJxkuqOmCfXoyEnGWow==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
encrypted_suffix: secret
|
encrypted_suffix: secret
|
||||||
version: 3.7.1
|
version: 3.7.1
|
||||||
|
2
stdlib/.dagger/env/op-fetch-git/.gitignore
vendored
2
stdlib/.dagger/env/op-fetch-git/.gitignore
vendored
@ -1,2 +0,0 @@
|
|||||||
# dagger state
|
|
||||||
state/**
|
|
26
stdlib/.dagger/env/op-fetch-git/values.yaml
vendored
26
stdlib/.dagger/env/op-fetch-git/values.yaml
vendored
@ -1,26 +0,0 @@
|
|||||||
plan:
|
|
||||||
package: ./dagger/op/tests/fetch-git
|
|
||||||
name: op-fetch-git
|
|
||||||
inputs:
|
|
||||||
TestPAT:
|
|
||||||
secret: ENC[AES256_GCM,data:4rBqMc8jbs0mIl2tqxZZu6xhKWq1zb4Zmdd4eobZxmT5xkeVJM94KA==,iv:xj6wu5amzCACh8vvBbtqYK8MLsFvoFIYe2wsDLhbzhc=,tag:ZCInVlyCr41MfV9W9SK5iw==,type:str]
|
|
||||||
sops:
|
|
||||||
kms: []
|
|
||||||
gcp_kms: []
|
|
||||||
azure_kv: []
|
|
||||||
hc_vault: []
|
|
||||||
age:
|
|
||||||
- recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjYUh0WC8yTEtaK2VlZEU4
|
|
||||||
c1pCTUNFWWt3WE5GSzZPU1VuWnVQWHMyWTF3CnVRN0ovd2tWUlU0Q1BneEEyQm9s
|
|
||||||
Rm9TNGVVK3g5aVJUOGNYRzdxbERnNUUKLS0tIDRvTlU2eUozZy9jYzFqOHB6SzNE
|
|
||||||
NnhoNTZYQVJBV1FKUHI1aWJZTnc0bEkKBNxuA26mtiAznfuGbLcqeIxvgg9kLjBl
|
|
||||||
ZofKLWu33k7aUQJADAEKoFD7B0B502LtQRMLk94ObzdhdLxl1F3JNA==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
lastmodified: "2021-08-25T15:03:39Z"
|
|
||||||
mac: ENC[AES256_GCM,data:IwMHAYejWYenT9KCSSBQhQcRMS+6EJBwDlmP1iWBNs41sbFMSvLabRsh1QHfgN8IYMc02XSii3PM8nDW44CG3s2PYaejEbS0/Q4OnqDFWjW3oyaDxS5/4OvJALV5JWSyQYAItepI1B/M6vL8nXS8lUxxuythX5jyEq9LTGfB608=,iv:8ecze6Fz8BSnENS6cXTpZ6s5zAQMsnb3yqvCjDvwhMc=,tag:iHi/g9K8GX9hrJGN2oq7Jg==,type:str]
|
|
||||||
pgp: []
|
|
||||||
encrypted_suffix: secret
|
|
||||||
version: 3.7.1
|
|
@ -87,8 +87,8 @@ package op
|
|||||||
ref: string
|
ref: string
|
||||||
keepGitDir?: bool
|
keepGitDir?: bool
|
||||||
// FIXME: the two options are currently ignored until we support buildkit secrets
|
// FIXME: the two options are currently ignored until we support buildkit secrets
|
||||||
authTokenSecret?: _ @dagger(secret)
|
authToken?: _ @dagger(secret)
|
||||||
authHeaderSecret?: _ @dagger(secret)
|
authHeader?: _ @dagger(secret)
|
||||||
}
|
}
|
||||||
|
|
||||||
#FetchHTTP: {
|
#FetchHTTP: {
|
||||||
|
@ -11,18 +11,24 @@ import (
|
|||||||
#Repository: {
|
#Repository: {
|
||||||
// Git remote.
|
// Git remote.
|
||||||
// Example: `"https://github.com/dagger/dagger"`
|
// Example: `"https://github.com/dagger/dagger"`
|
||||||
remote: string & dagger.#Input
|
remote: dagger.#Input & {string}
|
||||||
|
|
||||||
// Git ref: can be a commit, tag or branch.
|
// Git ref: can be a commit, tag or branch.
|
||||||
// Example: "main"
|
// Example: "main"
|
||||||
ref: string & dagger.#Input
|
ref: dagger.#Input & {string}
|
||||||
|
|
||||||
// (optional) Subdirectory
|
// (optional) Subdirectory
|
||||||
subdir: *null | string & dagger.#Input
|
subdir: dagger.#Input & {*null | string}
|
||||||
|
|
||||||
// (optional) Keep .git directory
|
// (optional) Keep .git directory
|
||||||
keepGitDir: *false | bool
|
keepGitDir: *false | bool
|
||||||
|
|
||||||
|
// (optional) Add Personal Access Token
|
||||||
|
authToken: dagger.#Input & {*null | dagger.#Secret}
|
||||||
|
|
||||||
|
// (optional) Add OAuth Token
|
||||||
|
authHeader: dagger.#Input & {*null | dagger.#Secret}
|
||||||
|
|
||||||
#up: [
|
#up: [
|
||||||
op.#FetchGit & {
|
op.#FetchGit & {
|
||||||
"remote": remote
|
"remote": remote
|
||||||
@ -30,6 +36,12 @@ import (
|
|||||||
if (keepGitDir) {
|
if (keepGitDir) {
|
||||||
keepGitDir: true
|
keepGitDir: true
|
||||||
}
|
}
|
||||||
|
if (authToken != null) {
|
||||||
|
"authToken": authToken
|
||||||
|
}
|
||||||
|
if (authHeader != null) {
|
||||||
|
"authHeader": authHeader
|
||||||
|
}
|
||||||
},
|
},
|
||||||
if subdir != null {
|
if subdir != null {
|
||||||
op.#Subdir & {
|
op.#Subdir & {
|
||||||
|
@ -3,8 +3,9 @@ package git
|
|||||||
import (
|
import (
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"alpha.dagger.io/git"
|
|
||||||
"alpha.dagger.io/alpine"
|
"alpha.dagger.io/alpine"
|
||||||
|
"alpha.dagger.io/dagger"
|
||||||
|
"alpha.dagger.io/git"
|
||||||
"alpha.dagger.io/os"
|
"alpha.dagger.io/os"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -74,3 +75,25 @@ TestCurrentTags: os.#Container & {
|
|||||||
[ $TAGS = "0=master" ]
|
[ $TAGS = "0=master" ]
|
||||||
"""
|
"""
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Test fetching a private repo
|
||||||
|
TestPAT: dagger.#Input & {dagger.#Secret}
|
||||||
|
|
||||||
|
privateRepo: git.#Repository & {
|
||||||
|
remote: "https://github.com/dagger/dagger.git"
|
||||||
|
ref: "main"
|
||||||
|
keepGitDir: true
|
||||||
|
authToken: TestPAT
|
||||||
|
}
|
||||||
|
|
||||||
|
TestPrivateRepository: os.#Container & {
|
||||||
|
image: alpine.#Image & {
|
||||||
|
package: bash: "=5.1.0-r0"
|
||||||
|
package: git: true
|
||||||
|
}
|
||||||
|
mount: "/repo1": from: privateRepo
|
||||||
|
dir: "/repo1"
|
||||||
|
command: """
|
||||||
|
[ -d .git ]
|
||||||
|
"""
|
||||||
|
}
|
||||||
|
@ -10,9 +10,9 @@ import (
|
|||||||
TestPAT: dagger.#Input & {dagger.#Secret}
|
TestPAT: dagger.#Input & {dagger.#Secret}
|
||||||
|
|
||||||
TestRepo: #up: [op.#FetchGit & {
|
TestRepo: #up: [op.#FetchGit & {
|
||||||
remote: "https://github.com/dagger/dagger.git"
|
remote: "https://github.com/dagger/dagger.git"
|
||||||
ref: "main"
|
ref: "main"
|
||||||
authTokenSecret: TestPAT
|
authToken: TestPAT
|
||||||
}]
|
}]
|
||||||
|
|
||||||
TestContent: os.#Container & {
|
TestContent: os.#Container & {
|
||||||
|
Reference in New Issue
Block a user