diff --git a/stdlib/.dagger/env/aws-eks/.gitignore b/stdlib/.dagger/env/aws-eks/.gitignore new file mode 100644 index 00000000..01ec19b0 --- /dev/null +++ b/stdlib/.dagger/env/aws-eks/.gitignore @@ -0,0 +1,2 @@ +# dagger state +state/** diff --git a/stdlib/.dagger/env/aws-eks/plan/eks.cue b/stdlib/.dagger/env/aws-eks/plan/eks.cue new file mode 100644 index 00000000..d0a92e9d --- /dev/null +++ b/stdlib/.dagger/env/aws-eks/plan/eks.cue @@ -0,0 +1,53 @@ +package eks + +import ( + "dagger.io/aws" + "dagger.io/aws/eks" + "dagger.io/kubernetes" + "dagger.io/dagger/op" +) + +TestConfig: awsConfig: aws.#Config & { + region: "us-east-2" +} + +TestCluster: eks.#KubeConfig & { + config: TestConfig.awsConfig + clusterName: *"dagger-example-eks-cluster" | string +} + +TestEks: { + #GetPods: + """ + kubectl get pods -A + """ + + #up: [ + op.#Load & { + from: kubernetes.#Kubectl + }, + + op.#WriteFile & { + dest: "/kubeconfig" + content: TestCluster.kubeconfig + }, + + op.#WriteFile & { + dest: "/getPods.sh" + content: #GetPods + }, + + op.#Exec & { + always: true + args: [ + "/bin/bash", + "--noprofile", + "--norc", + "-eo", + "pipefail", + "/getPods.sh", + ] + env: KUBECONFIG: "/kubeconfig" + }, + ] +} diff --git a/stdlib/.dagger/env/aws-eks/values.yaml b/stdlib/.dagger/env/aws-eks/values.yaml new file mode 100644 index 00000000..7d9d9582 --- /dev/null +++ b/stdlib/.dagger/env/aws-eks/values.yaml @@ -0,0 +1,28 @@ +plan: + module: .dagger/env/aws-eks/plan +name: aws-eks +inputs: + TestConfig.awsConfig.accessKey: + secret: ENC[AES256_GCM,data:ZiNdgkTZlOyWht2CDpmYKN+ViTE=,iv:wdRiBw65BgSia9z//tUDirkkhw9O29ZoerX6eZnYx9k=,tag:S/0i/fRtQJg4Qp7tmUK4ag==,type:str] + TestConfig.awsConfig.secretKey: + secret: ENC[AES256_GCM,data:ywvQiDE4gmM6KasYWOvX1FY/Lerg5TghgoYTq1AlXDRHNGzZtY3ClQ==,iv:HCXweaSKHLwEA8Mq4up/TUaV7YDtsRpBpwYD19Jh4iw=,tag:l2hmI9BsGiRyulh4yDn/hw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVdWE4VlRMWGJ3WDExWkNl + S1dqU21uVXFjaXU5eWdKRmRCUXFCd2ZaTjNrCjlkNXI3WUdnRGVibmZkbXJYaEV4 + SXIveGNDNnZ6dDM4SjdrMmZIZVhyVzAKLS0tIGkzK0tMTTdHU2lacmtvakUwbGFE + M3U4UFV5REQzYko3QjlXVE02Z0J4WUkK8uHC67Mutls4drXbCi8AwuFqbRXeb69P + ZnOFZEB4NoayoOojr1mY9ssDTywHF4KwR4E9ZmJ3V3hlEAgMkqfvSA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2021-06-17T18:46:34Z" + mac: ENC[AES256_GCM,data:B+WtEMOKXy8AT/YTUaKZ9aA8fQRt2pJp3IaABpj0oYI1vCG953MnDCIxj0j2bTQN5gyaFPF8UQ1o/pRJzCKhm26wbCByUrVdHxHTwoJ7arDqQGwcNKYAuQjLtMG7gsl0BqjCg0oKO5YEa24BqHVf1dEo9AcXd6LBwqvxVjmd98g=,iv:aWxj1Oq6wmUYuWnGOc2zIpzOYJVyXV9qSzBgF+iGsHI=,tag:Bx1A8UxghYq97wEdUxbmdg==,type:str] + pgp: [] + encrypted_suffix: secret + version: 3.7.1 diff --git a/stdlib/.dagger/env/docker-build/.gitignore b/stdlib/.dagger/env/docker-build/.gitignore new file mode 100644 index 00000000..01ec19b0 --- /dev/null +++ b/stdlib/.dagger/env/docker-build/.gitignore @@ -0,0 +1,2 @@ +# dagger state +state/** diff --git a/stdlib/.dagger/env/docker-build/plan/dockerfile.cue b/stdlib/.dagger/env/docker-build/plan/dockerfile.cue new file mode 100644 index 00000000..70b021f2 --- /dev/null +++ b/stdlib/.dagger/env/docker-build/plan/dockerfile.cue @@ -0,0 +1,57 @@ +package docker + +import ( + "dagger.io/dagger" + "dagger.io/dagger/op" + "dagger.io/docker" +) + +TestSourceBuild: dagger.#Artifact @dagger(input) + +TestBuild: { + image: docker.#Build & { + source: TestSourceBuild + } + + verify: #up: [ + op.#Load & { + from: image + }, + + op.#Exec & { + always: true + args: [ + "sh", "-c", """ + grep -q "test" /test.txt + """, + ] + }, + ] +} + +TestSourceImageFromDockerfile: dagger.#Artifact @dagger(input) + +TestImageFromDockerfile: { + image: docker.#ImageFromDockerfile & { + dockerfile: """ + FROM alpine + COPY test.txt /test.txt + """ + context: TestSourceImageFromDockerfile + } + + verify: #up: [ + op.#Load & { + from: image + }, + + op.#Exec & { + always: true + args: [ + "sh", "-c", """ + grep -q "test" /test.txt + """, + ] + }, + ] +} diff --git a/stdlib/.dagger/env/docker-build/values.yaml b/stdlib/.dagger/env/docker-build/values.yaml new file mode 100644 index 00000000..e876cc46 --- /dev/null +++ b/stdlib/.dagger/env/docker-build/values.yaml @@ -0,0 +1,30 @@ +plan: + module: .dagger/env/docker-build/plan +name: docker-build +inputs: + TestSourceBuild: + dir: + path: ./docker/testdata/build + TestSourceImageFromDockerfile: + dir: + path: ./docker/testdata/dockerfile +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0TXlFYWNvUldMdlRtWkEz + SlBEYUY1Q0thbFdSZGpaT00xQ2Jkc1J2WkdJClBXUGVTamdmZU1KNUdjam9HN0Zl + RjRQbVRHVjR6S3RCWlJLaElaM2ZWVG8KLS0tIDJJejFkQkxYeDdHcWdPS0p0QmJ0 + Mm5vT1dHbFViK2ZIakNnVkZTd2lhUHMK63jJsJVLJMbQE2NkAB8qv8JnPHpvcNes + z17EJgl0lCLqeNHtfrTfSiIP4wq8gNLK4avCKK+WGDOIMsXPzK6RNw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2021-06-17T20:14:11Z" + mac: ENC[AES256_GCM,data:hlc0Bnfeoor/WKMbQRgTalkxngL0YXTwHAys/moXZ4ZMGd2lt+j4l4EkKSjb3QrJfPllCeqroohLKtN+lP4K9fSCMcfYzic2DTEP68rPwufmrgxys1snOHHgIEfqogL8p55fJdXn91x+WHhPNkbWaaH0WcboYsy0zemUIkjb+xc=,iv:8oUeR1dfT4lrVWyJpGPPFa/jlPgWA/ld3UM9Cw2znxk=,tag:59RyiXwzJ5j+c5faxs9U3w==,type:str] + pgp: [] + encrypted_suffix: secret + version: 3.7.1 diff --git a/stdlib/.dagger/env/git/values.yaml b/stdlib/.dagger/env/git/values.yaml index 2fd0d4a4..c209a8bd 100644 --- a/stdlib/.dagger/env/git/values.yaml +++ b/stdlib/.dagger/env/git/values.yaml @@ -1,3 +1,5 @@ +plan: + module: .dagger/env/git/plan name: git sops: kms: [] @@ -14,8 +16,8 @@ sops: TmhJNisyamw3d244aGVJSEVFVUVLZGsKvd+nowA0CLXQbdvyI4J0lBjs9vdISWlo gGvR49uul3Z8raVWXFUzsyQ8xTvYNg0ovynFG2KdagSKr1DlhKMBEQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2021-06-15T14:34:51Z" - mac: ENC[AES256_GCM,data:phQpRQlHv9c3VRcqZ7OkSfW4a9oPnTD2ucsB8TJatgzLrbP1+erj9x2jrPex0T2MExIFFzNynSAiWwueLYqCzUvuG2DfIokvM9erNfdpbIBTtJeWO9+hVIkzoQ6xeKg1wLb0q3U7Cbbe6GBFA3oabPN2kyzGbgS2LO2Ou77NMLk=,iv:sS0MRNEGBWos6XNAQEYK2UmaK9g0rd+Nx1xBNeh6w+M=,tag:DIcqzBvChde/C7T/yAhn+w==,type:str] + lastmodified: "2021-06-18T16:23:23Z" + mac: ENC[AES256_GCM,data:AdTUEx0RIrJU6aZZNn9iIrl0eM2eParknCVIQL7k1arLRfYH4WyMf9lUa03+Qy83r4miNh4a9kFpNWyodbOR/j7OiLgAxWGXc08XAnIU51F2H7b55cSW9yNJj5kfos2e1pS356MoSaswg4fH8EYVUNgWC6mdBcXzC1m7uiqTS0E=,iv:mK9sjOCd7ePWR4xe5qNwmPuIyNR1nE3Ql65cF15SovI=,tag:DPUTnGTF+Ve+A7ShACNrnQ==,type:str] pgp: [] encrypted_suffix: secret version: 3.7.1 diff --git a/stdlib/.dagger/env/kubernetes-deployment/.gitignore b/stdlib/.dagger/env/kubernetes-deployment/.gitignore new file mode 100644 index 00000000..01ec19b0 --- /dev/null +++ b/stdlib/.dagger/env/kubernetes-deployment/.gitignore @@ -0,0 +1,2 @@ +# dagger state +state/** diff --git a/stdlib/.dagger/env/kubernetes-deployment/plan/kubernetes.cue b/stdlib/.dagger/env/kubernetes-deployment/plan/kubernetes.cue new file mode 100644 index 00000000..35f7caee --- /dev/null +++ b/stdlib/.dagger/env/kubernetes-deployment/plan/kubernetes.cue @@ -0,0 +1,44 @@ +package main + +import ( + "encoding/yaml" + "dagger.io/kubernetes" + "dagger.io/random" +) + +// We assume that a kinD cluster is running locally +// To deploy a local KinD cluster, follow this link : https://kind.sigs.k8s.io/docs/user/quick-start/ +TestKubeconfig: string @dagger(input) + +TestKubeApply: { + suffix: random.#String & { + seed: "" + } + + // Pod spec + kubeSrc: { + apiVersion: "v1" + kind: "Pod" + metadata: name: "kube-test-\(suffix.out)" + spec: { + restartPolicy: "Never" + containers: [{ + name: "test" + image: "hello-world" + }] + } + } + + // Apply deployment + apply: kubernetes.#Resources & { + kubeconfig: TestKubeconfig + namespace: "dagger-test" + manifest: yaml.Marshal(kubeSrc) + } + + // Verify deployment + verify: #VerifyApply & { + podname: kubeSrc.metadata.name + namespace: apply.namespace + } +} diff --git a/stdlib/.dagger/env/kubernetes-deployment/plan/verify.cue b/stdlib/.dagger/env/kubernetes-deployment/plan/verify.cue new file mode 100644 index 00000000..0150b5f3 --- /dev/null +++ b/stdlib/.dagger/env/kubernetes-deployment/plan/verify.cue @@ -0,0 +1,79 @@ +package main + +import ( + "dagger.io/dagger/op" + "dagger.io/kubernetes" +) + +#VerifyApply: { + podname: string + + namespace: string + + // Verify that pod exist + #GetPods: + """ + kubectl get pods --namespace "$KUBE_NAMESPACE" \( podname ) + """ + + // Clear that pod for future test + #DeletePods: + """ + kubectl delete pods --namespace "$KUBE_NAMESPACE" \( podname ) + """ + + #up: [ + op.#Load & { + from: kubernetes.#Kubectl + }, + + op.#WriteFile & { + dest: "/kubeconfig" + content: TestKubeconfig + mode: 0o600 + }, + + op.#WriteFile & { + dest: "/getPods.sh" + content: #GetPods + }, + + // Check pods + op.#Exec & { + always: true + args: [ + "/bin/bash", + "--noprofile", + "--norc", + "-eo", + "pipefail", + "/getPods.sh", + ] + env: { + KUBECONFIG: "/kubeconfig" + KUBE_NAMESPACE: namespace + } + }, + + op.#WriteFile & { + dest: "/deletePods.sh" + content: #DeletePods + }, + + op.#Exec & { + always: true + args: [ + "/bin/bash", + "--noprofile", + "--norc", + "-eo", + "pipefail", + "/deletePods.sh", + ] + env: { + KUBECONFIG: "/kubeconfig" + KUBE_NAMESPACE: namespace + } + }, + ] +} diff --git a/stdlib/.dagger/env/kubernetes-deployment/values.yaml b/stdlib/.dagger/env/kubernetes-deployment/values.yaml new file mode 100644 index 00000000..59be15cd --- /dev/null +++ b/stdlib/.dagger/env/kubernetes-deployment/values.yaml @@ -0,0 +1,23 @@ +plan: + module: .dagger/env/kubernetes-deployment/plan +name: kubernetes-deployment +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIQ2hZZ3ZRVzRseXZyVW1h + L01WYkNrTzdHSEN5WTlyQzVDTm9FbzRENzFFCjdrcVhKa1ZwaGNyYmo3ditDR1hC + cStzcmVjUXY3V3FUZElRNUIzQlQzL0UKLS0tIHlmWTlUdFVOczM0TTF5RHFTUXps + SVVkOUtuWTJneE45em5iQ3JvbnIwWlkKgdJC5IzvVDxbWSfU41Xg/UGPxuVBSOGY + eqenr07uWppNaHuLuo9A+znQa2RQ0L2clcB2d+ka+6z5tQyHOfx1nA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2021-06-18T15:41:02Z" + mac: ENC[AES256_GCM,data:R3DuHLEyfehKe1nCWHdKB9jyOs5TXI+r2BmQDMiwI8v0xfZdOZWfwGw3NAFGDZHbaLNTajQkzviDsMhaXg5bxvmK7P8PiJOOmnm/LnDRfnJirGRGpWA7bmsHH/QZL1lb75+cwUrwRZflkKoPy2bQyoC5Rze6/oNhPIUTCwQWaMo=,iv:73ZjXAcazCND3JhC94TjUOlcMbwfTz8YDFP1BPo8yUw=,tag:wUVcfyjtf4KzpU0jDrxleQ==,type:str] + pgp: [] + encrypted_suffix: secret + version: 3.7.1 diff --git a/stdlib/.dagger/env/kubernetes-helm/.gitignore b/stdlib/.dagger/env/kubernetes-helm/.gitignore new file mode 100644 index 00000000..01ec19b0 --- /dev/null +++ b/stdlib/.dagger/env/kubernetes-helm/.gitignore @@ -0,0 +1,2 @@ +# dagger state +state/** diff --git a/stdlib/.dagger/env/kubernetes-helm/plan/helm.cue b/stdlib/.dagger/env/kubernetes-helm/plan/helm.cue new file mode 100644 index 00000000..6d1c5485 --- /dev/null +++ b/stdlib/.dagger/env/kubernetes-helm/plan/helm.cue @@ -0,0 +1,56 @@ +package main + +import ( + "dagger.io/kubernetes/helm" + "dagger.io/random" + "dagger.io/dagger" +) + +// We assume that a kinD cluster is running locally +// To deploy a local KinD cluster, follow this link : https://kind.sigs.k8s.io/docs/user/quick-start/ +TestKubeconfig: string @dagger(input) + +TestChartSource: dagger.#Artifact @dagger(input) + +// Deploy user local chart +TestHelmSimpleChart: { + suffix: random.#String & { + seed: "simple" + } + + // Deploy chart + deploy: helm.#Chart & { + name: "dagger-test-inline-chart-\(suffix.out)" + namespace: "dagger-test" + kubeconfig: TestKubeconfig + chartSource: TestChartSource + } + + // Verify deployment + verify: #VerifyHelm & { + chartName: deploy.name + namespace: deploy.namespace + } +} + +// Deploy remote chart +TestHelmRepoChart: { + suffix: random.#String & { + seed: "repo" + } + + // Deploy chart + deploy: helm.#Chart & { + name: "dagger-test-repository-\(suffix.out)" + namespace: "dagger-test" + kubeconfig: TestKubeconfig + repository: "https://charts.bitnami.com/bitnami" + chart: "redis" + } + + // Verify deployment + verify: #VerifyHelm & { + chartName: deploy.name + namespace: deploy.namespace + } +} diff --git a/stdlib/.dagger/env/kubernetes-helm/plan/verify.cue b/stdlib/.dagger/env/kubernetes-helm/plan/verify.cue new file mode 100644 index 00000000..581c1121 --- /dev/null +++ b/stdlib/.dagger/env/kubernetes-helm/plan/verify.cue @@ -0,0 +1,51 @@ +package main + +import ( + "dagger.io/dagger/op" + "dagger.io/kubernetes" +) + +#VerifyHelm: { + chartName: string + + namespace: string + + // Verify that pod exist + #getHelmPods: + """ + kubectl get pods --namespace "$KUBE_NAMESPACE" | grep "\(chartName)" + """ + + #up: [ + op.#Load & { + from: kubernetes.#Kubectl + }, + + op.#WriteFile & { + dest: "/getHelmPods.sh" + content: #getHelmPods + }, + + op.#WriteFile & { + dest: "/kubeconfig" + content: TestKubeconfig + mode: 0o600 + }, + + op.#Exec & { + always: true + args: [ + "/bin/bash", + "--noprofile", + "--norc", + "-eo", + "pipefail", + "/getHelmPods.sh", + ] + env: { + KUBECONFIG: "/kubeconfig" + KUBE_NAMESPACE: namespace + } + }, + ] +} diff --git a/stdlib/.dagger/env/kubernetes-helm/values.yaml b/stdlib/.dagger/env/kubernetes-helm/values.yaml new file mode 100644 index 00000000..3f79c0d5 --- /dev/null +++ b/stdlib/.dagger/env/kubernetes-helm/values.yaml @@ -0,0 +1,27 @@ +plan: + module: .dagger/env/kubernetes-helm/plan +name: kubernetes-helm +inputs: + TestChartSource: + dir: + path: ./kubernetes/helm/testdata/mychart +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBud1hMc0dTZTlIQ3lZVEQ5 + WjA2UlAvTm15ZEgycXlKKzhjTmU0Ui9xZHcwCkRxclFUTUE0aXRvaElkc3diV2Ix + N2VZZVIzS2t3cVl3UmtXOC9PY1VObzAKLS0tIG9ydkFzak1SaUo2NGxET3ZiNklZ + VHlGUExaMzcwM0pOM2VDY280UWZXSzQKAm7ZV1agxbla3Yrc7vrwJosSjQtWhdac + ZFyQ6Gi+9H7qHZM89yVjAaIg1lwr68HcjYgDzpvvhJO9YPfzwoLyHw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2021-06-18T15:42:52Z" + mac: ENC[AES256_GCM,data:SzHFZpgiv+h1vRjq0GP+4nzj9az6pAwQwstxYz10yBGPQXnZv/VtJm071oouiK7pgD4i7cTvTKgIOaX9K74PiWSiTjWI5F9sGHvt9ZoGyU08OHM6zwGMDiYygBN2+5dd5jBvT4Xy6efa0IOMxSqhp69+VoJRWesAFsN6IfDcIEY=,iv:Af2WeB2eVk5hnWFWaQij7hz2wjXgNWDJTWDm13iKNvA=,tag:uvR1ruMc69ZhDJRtYCFQBw==,type:str] + pgp: [] + encrypted_suffix: secret + version: 3.7.1 diff --git a/stdlib/.dagger/env/kubernetes-kustomize/.gitignore b/stdlib/.dagger/env/kubernetes-kustomize/.gitignore new file mode 100644 index 00000000..01ec19b0 --- /dev/null +++ b/stdlib/.dagger/env/kubernetes-kustomize/.gitignore @@ -0,0 +1,2 @@ +# dagger state +state/** diff --git a/stdlib/.dagger/env/kubernetes-kustomize/plan/kustomize.cue b/stdlib/.dagger/env/kubernetes-kustomize/plan/kustomize.cue new file mode 100644 index 00000000..2ebe0682 --- /dev/null +++ b/stdlib/.dagger/env/kubernetes-kustomize/plan/kustomize.cue @@ -0,0 +1,32 @@ +package main + +import ( + "encoding/yaml" + "dagger.io/dagger" + "dagger.io/kubernetes/kustomize" +) + +TestKustomize: { + testdata: dagger.#Artifact + + // Run Kustomize + kustom: kustomize.#Kustomize & { + source: testdata + kustomization: yaml.Marshal({ + resources: ["deployment.yaml", "pod.yaml"] + images: [{ + name: "nginx" + newTag: "v1" + }] + replicas: [{ + name: "nginx-deployment" + count: 2 + }] + }) + } + + // Verify kustomization generation + verify: #VerifyKustomize & { + source: kustom + } +} diff --git a/stdlib/.dagger/env/kubernetes-kustomize/plan/verify.cue b/stdlib/.dagger/env/kubernetes-kustomize/plan/verify.cue new file mode 100644 index 00000000..48075413 --- /dev/null +++ b/stdlib/.dagger/env/kubernetes-kustomize/plan/verify.cue @@ -0,0 +1,72 @@ +package main + +import ( + "dagger.io/dagger/op" + "dagger.io/dagger" + "dagger.io/alpine" +) + +#VerifyKustomize: { + source: dagger.#Artifact + + #up: [ + op.#Load & { + from: alpine.#Image & { + package: bash: "=~5.1" + } + }, + + // Check files + op.#Exec & { + always: true + args: [ + "sh", "-c", "test $(ls /source | wc -l) = 1", + ] + mount: "/source": from: source + }, + + // Check image tag kustomization + op.#Exec & { + always: true + args: [ + "sh", "-c", #""" + grep -q "\- image: nginx:v1" /source/result.yaml + """#, + ] + mount: "/source": from: source + }, + + // Check replicas kustomization + op.#Exec & { + always: true + args: [ + "sh", "-c", #""" + grep -q "replicas: 2" /source/result.yaml + """#, + ] + mount: "/source": from: source + }, + + // Check pod merge by kustomization + op.#Exec & { + always: true + args: [ + "sh", "-c", #""" + grep -q "kind: Pod" /source/result.yaml + """#, + ] + mount: "/source": from: source + }, + + // Check pod name + op.#Exec & { + always: true + args: [ + "sh", "-c", #""" + grep -q "name: test-pod" /source/result.yaml + """#, + ] + mount: "/source": from: source + }, + ] +} diff --git a/stdlib/.dagger/env/kubernetes-kustomize/values.yaml b/stdlib/.dagger/env/kubernetes-kustomize/values.yaml new file mode 100644 index 00000000..a9b6f70e --- /dev/null +++ b/stdlib/.dagger/env/kubernetes-kustomize/values.yaml @@ -0,0 +1,27 @@ +plan: + module: .dagger/env/kubernetes-kustomize/plan +name: kubernetes-kustomize +inputs: + TestKustomize.testdata: + dir: + path: ./kubernetes/kustomize/testdata +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTL2Jyczk3QXZiUVkyd3cw + TlYzQ2NyR2ZGZnhSRmowSGRmbFBodFRPc2dnCnJpYjdCdUpEUE10d3I4clh1eDVV + MmVqbmxiNmRvSUNqZEY3clZnci9pRkkKLS0tIGVLSVFwTy9TSElFUkdjOVlWb3Yy + OFllMEh3cVJZZnFxbW4xS1RtcFQzcFUKo/1WcYp4nPBXba8wQBe3DMt6pYQJGoSu + ja5BiCffN5wOoW9WT0j8Clx21w7BXcl46+T5GYpXDQDcqf6nCv1kYQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2021-06-17T20:48:00Z" + mac: ENC[AES256_GCM,data:SCWiSiDccPkZApOcc8RsYP7WPZUqUyYVB0UgivLhIsNSY5q3kCdenPLTUp2zLOcwaWzTPGmj++QtZjoNobcIhdVt1aJ9uXLLKRUXaRGIO3Jmhg3wj7kSPNjbDLZEB6uyA9h3edQGVVivNlNGpo91tg35QcFPPSG7UiowFnsD0zM=,iv:44hkujM/ZWjtYHau8BFMdOIeBj5jF/WnW4OOK7oSw1Y=,tag:mtJdUR+sA0tjIyAWDpXQlA==,type:str] + pgp: [] + encrypted_suffix: secret + version: 3.7.1 diff --git a/stdlib/.dagger/env/terraform/.gitignore b/stdlib/.dagger/env/terraform/.gitignore new file mode 100644 index 00000000..01ec19b0 --- /dev/null +++ b/stdlib/.dagger/env/terraform/.gitignore @@ -0,0 +1,2 @@ +# dagger state +state/** diff --git a/stdlib/.dagger/env/terraform/plan/terraform.cue b/stdlib/.dagger/env/terraform/plan/terraform.cue new file mode 100644 index 00000000..e34ea405 --- /dev/null +++ b/stdlib/.dagger/env/terraform/plan/terraform.cue @@ -0,0 +1,74 @@ +package terraform + +import ( + "dagger.io/dagger" + "dagger.io/dagger/op" + "dagger.io/alpine" + "dagger.io/terraform" +) + +TestData: dagger.#Artifact @dagger(input) + +TestConfig: awsConfig: { + accessKey: dagger.#Secret @dagger(input) + secretKey: dagger.#Secret @dagger(input) + region: "us-east-2" +} + +#TestGetConfig: { + accessKey: dagger.#Secret + + secretKey: dagger.#Secret + + visibleAccessKey: string + + visibleSecretKey: string + + #up: [ + op.#Load & {from: alpine.#Image & { + package: { + bash: true + jq: true + } + }}, + + op.#Exec & { + always: true + args: ["/bin/bash", "-c", #""" + export ACCESS_KEY=$(cat /accessKey) + export SECRET_KEY=$(cat /secretKey) + + jq --arg key0 'visibleAccessKey' --arg value0 "$ACCESS_KEY" \ + --arg key1 'visibleSecretKey' --arg value1 "$SECRET_KEY" \ + '. | .[$key0]=$value0 | .[$key1]=$value1' <<< '{}' > /out + """#, + ] + mount: { + "/accessKey": secret: accessKey + "/secretKey": secret: secretKey + } + }, + + op.#Export & { + source: "/out" + format: "json" + }, + ] +} + +TestTerraform: { + config: #TestGetConfig & { + accessKey: TestConfig.awsConfig.accessKey + secretKey: TestConfig.awsConfig.secretKey + } + + apply: terraform.#Configuration & { + source: TestData + env: { + AWS_ACCESS_KEY_ID: config.visibleAccessKey + AWS_SECRET_ACCESS_KEY: config.visibleSecretKey + AWS_DEFAULT_REGION: TestConfig.awsConfig.region + AWS_REGION: TestConfig.awsConfig.region + } + } +} diff --git a/stdlib/.dagger/env/terraform/values.yaml b/stdlib/.dagger/env/terraform/values.yaml new file mode 100644 index 00000000..fb5e132f --- /dev/null +++ b/stdlib/.dagger/env/terraform/values.yaml @@ -0,0 +1,31 @@ +plan: + module: .dagger/env/terraform/plan +name: terraform +inputs: + TestConfig.awsConfig.accessKey: + secret: ENC[AES256_GCM,data:V/p84nLbgjrytefnsfItiY71ikQ=,iv:i1x3UYP+sctwY9LrRp/rfeJ8/JPWOfiiJSG0NWUiXW0=,tag:IynKh1fQEhExmmR3qGx/zQ==,type:str] + TestConfig.awsConfig.secretKey: + secret: ENC[AES256_GCM,data:cBYaVhbeV9D6acJWNU7uL8AsEtpnY0wHM8td9ZAJ9ebGB+BY4iBZLQ==,iv:SDkRKQQKBSz/cRQlW65sIjF0PhHhhKkGUEgZe9CV7Ek=,tag:OCUQmgjP2p57YoLts9Dh4w==,type:str] + TestData: + dir: + path: ./terraform/testdata +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkOTJpQWJWY3dnM2hDdXZG + bVJEN0dNUzQ0VGhneWtHVG1hUHA5ZjdhdHdvClR0ZVpKb1RYRnc3dy9wSjVuSHBn + c2RMbzE0Y2EzN2FVak9CMk9CK0hOTFkKLS0tIG9Fdi9xWWc0TU5WY1ZsVUdZM2lw + cC9LSiswbFRKaTNXUGNIWVZVbGJqV1UK3/wsgPwR5P2fzs80wcz1dM/8sbBWMR+B + dmhP99OQisIgcwGATy0nh726pYKtosDpSLIJkLZDAUq9qRKm9bch1w== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2021-06-18T16:01:11Z" + mac: ENC[AES256_GCM,data:XznDGqfZkC6vsv696qWVxbBCUgsyU/zPZg0NCULCXAfO08Hsteb0c93Y8DA3CV8flQW3cgn5XLugNnQADJ6luTXHbqIVMVMUSe1q41Kxl7exr/dn0robqaRm5MnloG823s9X3sAOcPzyTSxy1YVZfYaYbG23w9IeNmVTyaUttkU=,iv:kEQs7+bx+7j2v5b6Bx0r+ZVtp7rj/8mgX4oRUP7cruc=,tag:oQEfCPO/0V11rmkc0yaz3Q==,type:str] + pgp: [] + encrypted_suffix: secret + version: 3.7.1 diff --git a/stdlib/docker/testdata/build/Dockerfile b/stdlib/docker/testdata/build/Dockerfile new file mode 100644 index 00000000..987ce9be --- /dev/null +++ b/stdlib/docker/testdata/build/Dockerfile @@ -0,0 +1,2 @@ +FROM alpine +RUN echo test >> /test.txt \ No newline at end of file diff --git a/stdlib/docker/testdata/dockerfile/test.txt b/stdlib/docker/testdata/dockerfile/test.txt new file mode 100644 index 00000000..30d74d25 --- /dev/null +++ b/stdlib/docker/testdata/dockerfile/test.txt @@ -0,0 +1 @@ +test \ No newline at end of file diff --git a/stdlib/helpers.bash b/stdlib/helpers.bash index 76a7f46f..0bddf106 100644 --- a/stdlib/helpers.bash +++ b/stdlib/helpers.bash @@ -46,3 +46,14 @@ copy_to_sandbox() { cp -a "$source" "$target" } + +# Check if there is a local kubernetes cluster. +# +# This is need to do kubernetes test in the CI. +skip_unless_local_kube() { + if [ -f ~/.kube/config ] && grep -q "user: kind-kind" ~/.kube/config &> /dev/null && grep -q "127.0.0.1" ~/.kube/config &> /dev/null; then + echo "Kubernetes available" + else + skip "local kubernetes cluster not available" + fi +} \ No newline at end of file diff --git a/stdlib/kubernetes/helm/testdata/mychart/.helmignore b/stdlib/kubernetes/helm/testdata/mychart/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/stdlib/kubernetes/helm/testdata/mychart/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/stdlib/kubernetes/helm/testdata/mychart/Chart.yaml b/stdlib/kubernetes/helm/testdata/mychart/Chart.yaml new file mode 100644 index 00000000..1613bff5 --- /dev/null +++ b/stdlib/kubernetes/helm/testdata/mychart/Chart.yaml @@ -0,0 +1,21 @@ +apiVersion: v2 +name: mychart +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 diff --git a/stdlib/kubernetes/helm/testdata/mychart/templates/NOTES.txt b/stdlib/kubernetes/helm/testdata/mychart/templates/NOTES.txt new file mode 100644 index 00000000..8b795a8a --- /dev/null +++ b/stdlib/kubernetes/helm/testdata/mychart/templates/NOTES.txt @@ -0,0 +1,21 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "mychart.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "mychart.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mychart.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mychart.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80 +{{- end }} diff --git a/stdlib/kubernetes/helm/testdata/mychart/templates/_helpers.tpl b/stdlib/kubernetes/helm/testdata/mychart/templates/_helpers.tpl new file mode 100644 index 00000000..8479665d --- /dev/null +++ b/stdlib/kubernetes/helm/testdata/mychart/templates/_helpers.tpl @@ -0,0 +1,63 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "mychart.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "mychart.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "mychart.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "mychart.labels" -}} +helm.sh/chart: {{ include "mychart.chart" . }} +{{ include "mychart.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "mychart.selectorLabels" -}} +app.kubernetes.io/name: {{ include "mychart.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "mychart.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "mychart.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/stdlib/kubernetes/helm/testdata/mychart/templates/deployment.yaml b/stdlib/kubernetes/helm/testdata/mychart/templates/deployment.yaml new file mode 100644 index 00000000..38e698f8 --- /dev/null +++ b/stdlib/kubernetes/helm/testdata/mychart/templates/deployment.yaml @@ -0,0 +1,55 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "mychart.fullname" . }} + labels: + {{- include "mychart.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + {{- include "mychart.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "mychart.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "mychart.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: 80 + protocol: TCP + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/stdlib/kubernetes/helm/testdata/mychart/templates/ingress.yaml b/stdlib/kubernetes/helm/testdata/mychart/templates/ingress.yaml new file mode 100644 index 00000000..76d277c0 --- /dev/null +++ b/stdlib/kubernetes/helm/testdata/mychart/templates/ingress.yaml @@ -0,0 +1,41 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "mychart.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "mychart.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ . }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} +{{- end }} diff --git a/stdlib/kubernetes/helm/testdata/mychart/templates/service.yaml b/stdlib/kubernetes/helm/testdata/mychart/templates/service.yaml new file mode 100644 index 00000000..bdceb88f --- /dev/null +++ b/stdlib/kubernetes/helm/testdata/mychart/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "mychart.fullname" . }} + labels: + {{- include "mychart.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "mychart.selectorLabels" . | nindent 4 }} diff --git a/stdlib/kubernetes/helm/testdata/mychart/templates/serviceaccount.yaml b/stdlib/kubernetes/helm/testdata/mychart/templates/serviceaccount.yaml new file mode 100644 index 00000000..145e891e --- /dev/null +++ b/stdlib/kubernetes/helm/testdata/mychart/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "mychart.serviceAccountName" . }} + labels: + {{- include "mychart.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end -}} diff --git a/stdlib/kubernetes/helm/testdata/mychart/templates/tests/test-connection.yaml b/stdlib/kubernetes/helm/testdata/mychart/templates/tests/test-connection.yaml new file mode 100644 index 00000000..0bd46ef1 --- /dev/null +++ b/stdlib/kubernetes/helm/testdata/mychart/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "mychart.fullname" . }}-test-connection" + labels: + {{- include "mychart.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test-success +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "mychart.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/stdlib/kubernetes/helm/testdata/mychart/values.yaml b/stdlib/kubernetes/helm/testdata/mychart/values.yaml new file mode 100644 index 00000000..dbf4257e --- /dev/null +++ b/stdlib/kubernetes/helm/testdata/mychart/values.yaml @@ -0,0 +1,68 @@ +# Default values for mychart. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: nginx + pullPolicy: IfNotPresent + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: [] + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/stdlib/kubernetes/kustomize/testdata/deployment.yaml b/stdlib/kubernetes/kustomize/testdata/deployment.yaml new file mode 100644 index 00000000..e47d13ff --- /dev/null +++ b/stdlib/kubernetes/kustomize/testdata/deployment.yaml @@ -0,0 +1,22 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nginx-deployment + labels: + app: nginx-deployment +spec: + replicas: 1 + template: + metadata: + name: nginx-deployment + labels: + app: nginx-deployment + spec: + containers: + - name: nginx-deployment + image: nginx + imagePullPolicy: IfNotPresent + restartPolicy: Always + selector: + matchLabels: + app: nginx-deployment diff --git a/stdlib/kubernetes/kustomize/testdata/pod.yaml b/stdlib/kubernetes/kustomize/testdata/pod.yaml new file mode 100644 index 00000000..179e8199 --- /dev/null +++ b/stdlib/kubernetes/kustomize/testdata/pod.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Pod +metadata: + name: test-pod + labels: + app: test-pod +spec: + containers: + - name: test-pod + image: nginx + imagePullPolicy: IfNotPresent + restartPolicy: Always diff --git a/stdlib/terraform/testdata/test.tf b/stdlib/terraform/testdata/test.tf new file mode 100644 index 00000000..878484e2 --- /dev/null +++ b/stdlib/terraform/testdata/test.tf @@ -0,0 +1,34 @@ +terraform { + required_providers { + random = { + source = "hashicorp/random" + version = "3.1.0" + } + } + + backend "s3" { + bucket = "dagger-ci" + key = "terraform/tfstate" + region = "us-east-2" + } +} + +provider "random" { +} + +variable "input" { + type = string +} + +resource "random_integer" "test" { + min = 1 + max = 50 +} + +output "random" { + value = random_integer.test.result +} + +output "input" { + value = var.input +} diff --git a/stdlib/universe.bats b/stdlib/universe.bats index 2bceeac2..16681b0e 100644 --- a/stdlib/universe.bats +++ b/stdlib/universe.bats @@ -32,10 +32,18 @@ setup() { dagger -e aws-s3 up } +@test "aws: eks" { + dagger -e aws-eks up +} + @test "docker run: local" { dagger -e docker-run-local up } +@test "docker build" { + dagger -e docker-build up +} + @test "docker command: ssh" { dagger -e docker-command-ssh up } @@ -53,6 +61,34 @@ setup() { dagger -e docker-run-ssh up } +@test "kubernetes: deployment" { + skip_unless_local_kube + + # Set kubeconfig + dagger -e kubernetes-deployment input text TestKubeconfig -f "$HOME"/.kube/config + + dagger -e kubernetes-deployment up + + # Unset kubeconfig + dagger -e kubernetes-deployment input unset TestKubeconfig +} + +@test "kubernetes: kustomize" { + dagger -e kubernetes-kustomize up +} + +@test "kubernetes: helm" { + skip_unless_local_kube + + # Set kubeconfig + dagger -e kubernetes-helm input text TestKubeconfig -f "$HOME"/.kube/config + + dagger -e kubernetes-helm up + + # Unset kubeconfig + dagger -e kubernetes-helm input unset TestKubeconfig +} + @test "google cloud: gcr" { dagger -e google-gcr up } @@ -60,3 +96,29 @@ setup() { @test "google cloud: gke" { dagger -e google-gke up } + +@test "terraform" { + # it must fail because of a missing var + run dagger -e terraform up + assert_failure + + # Add the var and try again + run dagger -e terraform input text TestTerraform.apply.tfvars.input "42" + run dagger -e terraform up + assert_success + + # ensure the tfvar was passed correctly + run dagger query -e terraform TestTerraform.apply.output.input.value -f text + assert_success + assert_output "42" + + # ensure the random value is always the same + # this proves we're effectively using the s3 backend + run dagger query -e terraform TestTerraform.apply.output.random.value -f json + assert_success + assert_output "36" + + # Unset input + run dagger -e terraform input unset TestTerraform.apply.tfvars.input + assert_success +} \ No newline at end of file diff --git a/tests/stdlib/terraform/s3/inputs.yaml b/tests/stdlib/terraform/s3/inputs.yaml new file mode 100644 index 00000000..ef2355cf --- /dev/null +++ b/tests/stdlib/terraform/s3/inputs.yaml @@ -0,0 +1,24 @@ +TestConfig: + awsConfig: + accessKey: ENC[AES256_GCM,data:cZLf9D1ymnU4A44oGiQ4fFKdEB0=,iv:rNv9rnXSvIpKeUYRqseS9aKjEG4Wim7OW0EKEbBgp+M=,tag:cOzI4KsDgCgi/w7ByFKJJw==,type:str] + secretKey: ENC[AES256_GCM,data:ZFIHfnQYYu7ZhoXogVIHbd2wakBTw9D0TiHeadSKaYAQemCun/egNg==,iv:zISyY5zGZHfe5HZJHdfIUpX6siFIgLMrwAbZRyLH9FU=,tag:uD+1eLHY/AKR9vnpyBh+GQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPdU5ENVpScm0yd2RXWjRJ + aSsxWTNvSHBBeU94Z2ZKNjhXdzJHZGNybXkwCk9FVW5EM21LSTRHMkE5VG1SRFpL + ZGUyOHl3MEU3M3ZXTzBqSlExTU1uVTgKLS0tIDZRVDJOaEVZVnVSalRKMUVTTytV + ZWRONHhmOEJVd1lqM1NkMFdSNHU2THMKSjtxHeq/ZSgpXrevLH4AVYyRh4jO6qjT + J301rFx0Cu5qeSIhRiG54Pse83GD+fObDhfH0nPf5HZttDZxrISUdg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2021-05-28T20:45:06Z" + mac: ENC[AES256_GCM,data:7b6X10McAD1qvsS3ZFWeteP7zLC6IAo6NdFjvaX1iyrjoZ+fT8hNkIPVKyfPFTqZzNIZ7qEYJO2PKrTjbhf6a1LEsL9gtfoX4JwINDk66TgIsJsvdp4TRIlEKoRSKK08zc+A5YFAtD1Pj+a3+NnF32ZUsoH+jqSixH2hK51RI0U=,iv:JKeSA0bp+QBE8H/kS/eIL47k1Bsg4L0q/YU4OlJmIKU=,tag:f3gzp/Nv4p4DajNfoAicAg==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.1