diff --git a/docs/reference/universe/README.md b/docs/reference/universe/README.md index c0458a15..f6657b91 100644 --- a/docs/reference/universe/README.md +++ b/docs/reference/universe/README.md @@ -9,6 +9,8 @@ - [aws/elb](./aws/elb.md) - AWS Elastic Load Balancer (ELBv2) - [aws/rds](./aws/rds.md) - AWS Relational Database Service (RDS) - [aws/s3](./aws/s3.md) - AWS Simple Storage Service +- [azure](./azure/README.md) - Azure base package +- [azure/resourcegroup](./azure/resourcegroup.md) - - - [dagger](./dagger/README.md) - Dagger core types - [dagger/op](./dagger/op.md) - op: low-level operations for Dagger processing pipelines - [docker](./docker/README.md) - Docker container operations diff --git a/docs/reference/universe/azure/README.md b/docs/reference/universe/azure/README.md new file mode 100644 index 00000000..fc887bbb --- /dev/null +++ b/docs/reference/universe/azure/README.md @@ -0,0 +1,50 @@ +--- +sidebar_label: azure +--- + +# alpha.dagger.io/azure + +Azure base package + +```cue +import "alpha.dagger.io/azure" +``` + +## azure.#CLI + +Azure Cli to be used by all Azure packages + +### azure.#CLI Inputs + +| Name | Type | Description | +| ------------- |:-------------: |:-------------: | +|*config.tenantId* | `dagger.#Secret` |AZURE tenant id | +|*config.subscriptionId* | `dagger.#Secret` |AZURE subscription id | +|*config.appId* | `dagger.#Secret` |AZURE app id for the service principal used | +|*config.password* | `dagger.#Secret` |AZURE password for the service principal used | +|*image.from* | `"mcr.microsoft.com/azure-cli:2.27.1@sha256:1e117183100c9fce099ebdc189d73e506e7b02d2b73d767d3fc07caee72f9fb1"` |Remote ref (example: "index.docker.io/alpine:latest") | +|*secret."/run/secrets/appId"* | `dagger.#Secret` |- | +|*secret."/run/secrets/password"* | `dagger.#Secret` |- | +|*secret."/run/secrets/tenantId"* | `dagger.#Secret` |- | +|*secret."/run/secrets/subscriptionId"* | `dagger.#Secret` |- | + +### azure.#CLI Outputs + +_No output._ + +## azure.#Config + +Azure Config shared by all Azure packages + +### azure.#Config Inputs + +| Name | Type | Description | +| ------------- |:-------------: |:-------------: | +|*tenantId* | `dagger.#Secret` |AZURE tenant id | +|*subscriptionId* | `dagger.#Secret` |AZURE subscription id | +|*appId* | `dagger.#Secret` |AZURE app id for the service principal used | +|*password* | `dagger.#Secret` |AZURE password for the service principal used | + +### azure.#Config Outputs + +_No output._ diff --git a/docs/reference/universe/azure/resourcegroup.md b/docs/reference/universe/azure/resourcegroup.md new file mode 100644 index 00000000..d23a64c5 --- /dev/null +++ b/docs/reference/universe/azure/resourcegroup.md @@ -0,0 +1,41 @@ +--- +sidebar_label: resourcegroup +--- + +# alpha.dagger.io/azure/resourcegroup + +```cue +import "alpha.dagger.io/azure/resourcegroup" +``` + +## resourcegroup.#ResourceGroup + +Create a resource group + +### resourcegroup.#ResourceGroup Inputs + +| Name | Type | Description | +| ------------- |:-------------: |:-------------: | +|*config.tenantId* | `dagger.#Secret` |AZURE tenant id | +|*config.subscriptionId* | `dagger.#Secret` |AZURE subscription id | +|*config.appId* | `dagger.#Secret` |AZURE app id for the service principal used | +|*config.password* | `dagger.#Secret` |AZURE password for the service principal used | +|*rgName* | `string` |ResourceGroup name | +|*rgLocation* | `string` |ResourceGroup location | +|*ctr.image.config.tenantId* | `dagger.#Secret` |AZURE tenant id | +|*ctr.image.config.subscriptionId* | `dagger.#Secret` |AZURE subscription id | +|*ctr.image.config.appId* | `dagger.#Secret` |AZURE app id for the service principal used | +|*ctr.image.config.password* | `dagger.#Secret` |AZURE password for the service principal used | +|*ctr.image.image.from* | `"mcr.microsoft.com/azure-cli:2.27.1@sha256:1e117183100c9fce099ebdc189d73e506e7b02d2b73d767d3fc07caee72f9fb1"` |Remote ref (example: "index.docker.io/alpine:latest") | +|*ctr.image.secret."/run/secrets/appId"* | `dagger.#Secret` |- | +|*ctr.image.secret."/run/secrets/password"* | `dagger.#Secret` |- | +|*ctr.image.secret."/run/secrets/tenantId"* | `dagger.#Secret` |- | +|*ctr.image.secret."/run/secrets/subscriptionId"* | `dagger.#Secret` |- | +|*ctr.env.AZURE_DEFAULTS_GROUP* | `string` |- | +|*ctr.env.AZURE_DEFAULTS_LOCATION* | `string` |- | + +### resourcegroup.#ResourceGroup Outputs + +| Name | Type | Description | +| ------------- |:-------------: |:-------------: | +|*id* | `string` |ResourceGroup Id Resource Id | diff --git a/stdlib/.dagger/env/azure-resourcegroup/.gitignore b/stdlib/.dagger/env/azure-resourcegroup/.gitignore new file mode 100644 index 00000000..01ec19b0 --- /dev/null +++ b/stdlib/.dagger/env/azure-resourcegroup/.gitignore @@ -0,0 +1,2 @@ +# dagger state +state/** diff --git a/stdlib/.dagger/env/azure-resourcegroup/values.yaml b/stdlib/.dagger/env/azure-resourcegroup/values.yaml new file mode 100644 index 00000000..8edd915a --- /dev/null +++ b/stdlib/.dagger/env/azure-resourcegroup/values.yaml @@ -0,0 +1,23 @@ +plan: + package: ./azure/resourcegroup/tests +name: azure-resourcegroup +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwcVNxbzdlRHczM3hoSlFB + OCtid2ZyNDZsMmRYeXRJM0hmY09rUWFjanpFClNjUnFXT09yb3BJMmJKNXN1MUIw + eTNIcmZKTG5YR0h6a0UxL0lIeFRBQkEKLS0tIHk4TFRYZkdmVGFWM3lWQ0pwcmx1 + TWlwSE9KTFlod21qbm5jQUdsZXVTT3cK7HMCg+rmRPy3d+uihLMPg7SvxVI7Xyr5 + Jv6BZJovEyX8PaB/dozzCwGMsGB4fALG2TRNbgskjR0LTGUgzv+yhQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2021-08-11T13:13:45Z" + mac: ENC[AES256_GCM,data:lldSGzZoJV4V56chs0Iue+gCBqvwViRY4ZeY4MajyeNBTH6i/k3YXGEZ1lI4suXLyf4BABILMQz0Y34G9oPk8cBWgPx4ZP0iCpvVa/H06xVkBVfntym7p/GWkNsOGiU3KpdGwD/0LLdjDOmL3vKbxNrpS7RvvTgQQtI4+jXtKEc=,iv:vB6P7SPT77ZOEAjTyOO6oSWRWUUWTrC4ekgT5kXvofQ=,tag:ucfzyP9V6HIfIlI8pMDROg==,type:str] + pgp: [] + encrypted_suffix: secret + version: 3.7.1 diff --git a/stdlib/azure/azure.cue b/stdlib/azure/azure.cue new file mode 100644 index 00000000..b98bef5d --- /dev/null +++ b/stdlib/azure/azure.cue @@ -0,0 +1,53 @@ +// Azure base package +package azure + +import ( + "alpha.dagger.io/dagger" + "alpha.dagger.io/docker" + "alpha.dagger.io/os" +) + +// Default Azure CLI version +let defaultVersion = "2.27.1@sha256:1e117183100c9fce099ebdc189d73e506e7b02d2b73d767d3fc07caee72f9fb1" + +//Azure Config shared by all Azure packages +#Config: { + // AZURE tenant id + tenantId: dagger.#Secret & dagger.#Input + // AZURE subscription id + subscriptionId: dagger.#Secret & dagger.#Input + // AZURE app id for the service principal used + appId: dagger.#Secret & dagger.#Input + // AZURE password for the service principal used + password: dagger.#Secret & dagger.#Input +} + +// Azure Cli to be used by all Azure packages +#CLI: { + // Azure Config + config: #Config + + // Azure CLI version to install + version: string | *defaultVersion + + // Container image + os.#Container & { + image: docker.#Pull & { + from: "mcr.microsoft.com/azure-cli:\(version)" + } + + always: true + + command: """ + az login --service-principal -u "$(cat /run/secrets/appId)" -p "$(cat /run/secrets/password)" -t "$(cat /run/secrets/tenantId)" + az account set -s "$(cat /run/secrets/subscriptionId)" + """ + + secret: { + "/run/secrets/appId": config.appId + "/run/secrets/password": config.password + "/run/secrets/tenantId": config.tenantId + "/run/secrets/subscriptionId": config.subscriptionId + } + } +} diff --git a/stdlib/azure/resourcegroup/rg.cue b/stdlib/azure/resourcegroup/rg.cue new file mode 100644 index 00000000..5f2e7215 --- /dev/null +++ b/stdlib/azure/resourcegroup/rg.cue @@ -0,0 +1,48 @@ +package resourcegroup + +import ( + "alpha.dagger.io/azure" + "alpha.dagger.io/os" + "alpha.dagger.io/dagger" +) + +// Create a resource group +#ResourceGroup: { + // Azure Config + config: azure.#Config + + // ResourceGroup name + rgName: string & dagger.#Input + + // ResourceGroup location + rgLocation: string & dagger.#Input + + // ResourceGroup Id + id: string & dagger.#Output + + // Container image + ctr: os.#Container & { + image: azure.#CLI & { + "config": config + } + always: true + + command: """ + az group create -l "$AZURE_DEFAULTS_LOCATION" -n "$AZURE_DEFAULTS_GROUP" + az group show -n "$AZURE_DEFAULTS_GROUP" --query "id" -o json | jq -r . | tr -d "\n" > /resourceGroupId + """ + + env: { + AZURE_DEFAULTS_GROUP: rgName + AZURE_DEFAULTS_LOCATION: rgLocation + } + } + + // Resource Id + id: ({ + os.#File & { + from: ctr + path: "/resourceGroupId" + } + }).contents +} diff --git a/stdlib/azure/resourcegroup/tests/rg.cue b/stdlib/azure/resourcegroup/tests/rg.cue new file mode 100644 index 00000000..dc2eda0b --- /dev/null +++ b/stdlib/azure/resourcegroup/tests/rg.cue @@ -0,0 +1,17 @@ +package resourcegroup + +import ( + "alpha.dagger.io/azure" + "alpha.dagger.io/azure/resourcegroup" + "alpha.dagger.io/random" +) + +TestSuffix: random.#String & { + seed: "azrg" +} + +TestRG: resourcegroup.#ResourceGroup & { + config: azure.#Config + rgName: "rg-test-\(TestSuffix.out)" + rgLocation: "eastus2" +} diff --git a/stdlib/universe.bats b/stdlib/universe.bats index 79a0e680..02760c06 100644 --- a/stdlib/universe.bats +++ b/stdlib/universe.bats @@ -184,3 +184,8 @@ setup() { run dagger -w "$DAGGER_SANDBOX" -e terraform input unset TestTerraform.apply.tfvars.input assert_success } + +@test "azure-resourcegroup" { + skip "Azure CI infra not implemented yet - manually tested and working" + #dagger -e azure-resourcegroup up +} \ No newline at end of file