Merge pull request #1392 from talentedmrjones/europa-secret-exec-stderr

secrets exec returns stderr
This commit is contained in:
Andrea Luzzardi 2022-01-12 10:21:59 -08:00 committed by GitHub
commit 0a72696bdc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 46 additions and 10 deletions

View File

@ -2,6 +2,7 @@ package task
import ( import (
"context" "context"
"errors"
"fmt" "fmt"
"os" "os"
"os/exec" "os/exec"
@ -49,6 +50,10 @@ func (c *inputSecretExecTask) Run(ctx context.Context, pctx *plancontext.Context
// sec audited by @aluzzardi and @mrjones // sec audited by @aluzzardi and @mrjones
out, err := cmd.Output() out, err := cmd.Output()
if err != nil { if err != nil {
var exitErr *exec.ExitError
if errors.As(err, &exitErr) {
lg.Err(err).Msg(string(exitErr.Stderr))
}
return nil, err return nil, err
} }

View File

@ -65,21 +65,18 @@ setup() {
assert_output --partial 'conflicting values "local directory" and "local dfsadf"' assert_output --partial 'conflicting values "local directory" and "local dfsadf"'
} }
@test "plan/inputs/secrets exec" { @test "plan/inputs/secrets" {
cd "$TESTDIR" cd "$TESTDIR"
"$DAGGER" --europa up ./plan/inputs/secrets/exec.cue "$DAGGER" --europa up ./plan/inputs/secrets/exec.cue
} "$DAGGER" --europa up ./plan/inputs/secrets/exec_relative.cue
@test "plan/inputs/secrets exec relative" {
cd "$TESTDIR"
"$DAGGER" --europa up ./plan/inputs/secrets/exec.cue
}
@test "plan/inputs/secrets invalid command" {
cd "$TESTDIR"
run "$DAGGER" --europa up ./plan/inputs/secrets/invalid_command.cue run "$DAGGER" --europa up ./plan/inputs/secrets/invalid_command.cue
assert_failure assert_failure
assert_output --partial 'failed: exec: "rtyet": executable file not found' assert_output --partial 'failed: exec: "rtyet": executable file not found'
run "$DAGGER" --europa up ./plan/inputs/secrets/invalid_command_options.cue
assert_failure
assert_output --partial 'option'
} }
@test "plan/with" { @test "plan/with" {

View File

@ -0,0 +1,34 @@
package main
import (
"dagger.io/dagger/engine"
)
engine.#Plan & {
inputs: secrets: echo: command: {
name: "cat"
args: ["--sfgjkhf"] // // should fail because invalid option
}
actions: {
image: engine.#Pull & {
source: "alpine:3.15.0@sha256:e7d88de73db3d3fd9b2d63aa7f447a10fd0220b7cbf39803c803f2af9ba256b3"
}
verify: engine.#Exec & {
input: image.output
mounts: secret: {
dest: "/run/secrets/test"
contents: inputs.secrets.echo.contents
}
args: [
"sh", "-c",
#"""
test "$(cat /run/secrets/test)" = "hello europa"
ls -l /run/secrets/test | grep -- "-r--------"
"""#,
]
}
}
}