aws: use secrets

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>

tests/stdlib.bats

@@ -43,9 +43,7 @@ setup() {
 }
 
 @test "stdlib: aws: s3" {
-    skip_unless_secrets_available "$TESTDIR"/stdlib/aws/inputs.yaml
-
-    "$DAGGER" compute "$TESTDIR"/stdlib/aws/s3 --input-dir TestDirectory="$TESTDIR"/stdlib/aws/s3/testdata --input-yaml "$TESTDIR"/stdlib/aws/inputs.yaml
+    "$DAGGER" up -w "$TESTDIR"/stdlib/aws/s3
 }
 
 @test "stdlib: aws: eks" {
@@ -55,9 +53,7 @@ setup() {
 }
 
 @test "stdlib: aws: ecr" {
-    skip_unless_secrets_available "$TESTDIR"/stdlib/aws/inputs.yaml
-
-    "$DAGGER" compute "$TESTDIR"/stdlib/aws/ecr --input-yaml "$TESTDIR"/stdlib/aws/inputs.yaml
+    "$DAGGER" up -w "$TESTDIR"/stdlib/aws/ecr
 }
 
 @test "stdlib: gcp: gke" {

tests/stdlib/aws/ecr/.dagger/env/default/.gitignore

@@ -0,0 +1,2 @@
+# dagger state
+state/**

tests/stdlib/aws/ecr/.dagger/env/default/values.yaml

@@ -0,0 +1,26 @@
+name: default
+inputs:
+    TestConfig.awsConfig.accessKey:
+        secret: ENC[AES256_GCM,data:iu6LfQNgGZUVnHVeMRYPrcBtlZk=,iv:U5PLxDKXwJnUDdk1ayFGvvJfWdVqh1PK5ujb20YYPP0=,tag:QyqIJRiR6nE16ZDV0CP7Pw==,type:str]
+    TestConfig.awsConfig.secretKey:
+        secret: ENC[AES256_GCM,data:Q/W+KH3NEouGt6C5S+KiC43837soYi2Mjb/z5K8rD9gtaNaBjjkJHg==,iv:8nGEzLXd91rF5YBZ/EdQoMN27yrpc0sgm26DEvIuSHM=,tag:/oyKl/vj5MJAm+jZMOOAuQ==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKeEk5MS9nVmFoOVNNOHdE
+            WnZCTXBWbW9LL1NJYndCYjhIM2JsNXNEUmxJCkUya0dlZjZ0dGRIM1pVdzg5eWFH
+            MVpiaE9PclNudGdUZm5FcytuVDZGTDAKLS0tIEQxWDdteHgzS3JkdmtNTVpxMUh1
+            aXlvVWJVSGNTSkVyYmpZbi9nUVJZdmMK6csXZ2RMxFw5DB+Hb2TyhyoZT8c2/z7Y
+            Lc9Pe8gb8aUq5Ha+wCybYvY6JWEM5A9XYJKbE7f4borTfGKS72d6pw==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2021-05-27T00:53:54Z"
+    mac: ENC[AES256_GCM,data:ho/e/xUzRdwwe3VRCz9p8UNHgxdhAxkNtWUJLS5fEXBGnw28hjwNBbPYN78bX0k9SQ/5bgvXT2O/Z+zmOSWfrCYD2eojh9mDR4aCV5m/liVh5Dxha65u6zPl9VVcSunYg3wqe9Zl+pMG8BJXvczQS7S5QEGEaWojfaA/o7HM1BE=,iv:o/cVw6GBCCdgIqIZGDzqSCiBHUmrhAoIRcyGS9P83j0=,tag:WSQO0C0lPH2vOzl07rmRGg==,type:str]
+    pgp: []
+    encrypted_suffix: secret
+    version: 3.7.1

tests/stdlib/aws/s3/.dagger/env/default/.gitignore

@@ -0,0 +1,2 @@
+# dagger state
+state/**

tests/stdlib/aws/s3/.dagger/env/default/plan/s3.cue

@@ -22,6 +22,8 @@ TestS3UploadFile: {
 	}
 
 	verify: #VerifyS3 & {
+		config: TestConfig.awsConfig
+		target: deploy.target
 		file: "test.txt"
 	}
 }
@@ -36,10 +38,14 @@ TestS3UploadDir: {
 	}
 
 	verifyFile: #VerifyS3 & {
+		config: TestConfig.awsConfig
+		target: deploy.target
 		file: "dirFile.txt"
 	}
 
 	verifyDir: #VerifyS3 & {
+		config: TestConfig.awsConfig
+		target: deploy.target
 		file: "foo.txt"
 	}
 }

tests/stdlib/aws/s3/.dagger/env/default/plan/verify.cue

@@ -13,30 +13,48 @@ import (
 	// Target S3 URL (e.g. s3://<bucket-name>/<path>/<sub-path>)
 	target?: string
 
-	// Export folder
-	export: "/contents"
+	contents: {
+		string
 
-	// Script
-	aws.#Script & {
-		code: """
-			aws s3 ls --recursive \(target) >> /contents
-		"""
+		#up: [
+			op.#Load & {
+				from: aws.#CLI & {
+					"config": config
+				}
+			},
+
+			op.#Exec & {
+				args: [
+					"/bin/bash",
+					"--noprofile",
+					"--norc",
+					"-eo",
+					"pipefail",
+					"-c",
+					#"""
+					aws s3 ls --recursive \#(target) > /contents
+					"""#
+				]
+			},
+
+			op.#Export & {
+				source: "/contents"
+				format: "string"
+			}
+		]
 	}
 }
 
 #VerifyS3: {
 	file: string
+	config: aws.#Config
+	target: string
 
 	lists: #List & {
-		config: TestConfig.awsConfig
-		target: "s3://\(bucket)"
+		"config": config
+		"target": target
 	}
 
-	#CheckFiles:
-		"""
-				grep -q \(file) /test
-			"""
-
 	test: #up: [
 		op.#Load & {
 			from: alpine.#Image & {
@@ -46,12 +64,7 @@ import (
 
 		op.#WriteFile & {
 			dest:    "/test"
-			content: lists.out
-		},
-
-		op.#WriteFile & {
-			dest:    "/checkFiles.sh"
-			content: #CheckFiles
+			content: lists.contents
 		},
 
 		op.#Exec & {
@@ -62,7 +75,8 @@ import (
 				"--norc",
 				"-eo",
 				"pipefail",
-				"/checkFiles.sh",
+				"-c",
+				"grep -q \(file) /test"
 			]
 		},
 	]

tests/stdlib/aws/s3/.dagger/env/default/values.yaml

@@ -0,0 +1,30 @@
+name: default
+inputs:
+    TestConfig.awsConfig.accessKey:
+        secret: ENC[AES256_GCM,data:iu6LfQNgGZUVnHVeMRYPrcBtlZk=,iv:U5PLxDKXwJnUDdk1ayFGvvJfWdVqh1PK5ujb20YYPP0=,tag:QyqIJRiR6nE16ZDV0CP7Pw==,type:str]
+    TestConfig.awsConfig.secretKey:
+        secret: ENC[AES256_GCM,data:Q/W+KH3NEouGt6C5S+KiC43837soYi2Mjb/z5K8rD9gtaNaBjjkJHg==,iv:8nGEzLXd91rF5YBZ/EdQoMN27yrpc0sgm26DEvIuSHM=,tag:/oyKl/vj5MJAm+jZMOOAuQ==,type:str]
+    TestDirectory:
+        dir:
+            path: ./testdata
+            include: []
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKeEk5MS9nVmFoOVNNOHdE
+            WnZCTXBWbW9LL1NJYndCYjhIM2JsNXNEUmxJCkUya0dlZjZ0dGRIM1pVdzg5eWFH
+            MVpiaE9PclNudGdUZm5FcytuVDZGTDAKLS0tIEQxWDdteHgzS3JkdmtNTVpxMUh1
+            aXlvVWJVSGNTSkVyYmpZbi9nUVJZdmMK6csXZ2RMxFw5DB+Hb2TyhyoZT8c2/z7Y
+            Lc9Pe8gb8aUq5Ha+wCybYvY6JWEM5A9XYJKbE7f4borTfGKS72d6pw==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2021-05-27T00:13:13Z"
+    mac: ENC[AES256_GCM,data:uqGhc0e6mQp5kdKvJTFz+yjcc5WUtLBcsqkzh0NeJhP9nztpX1TJfqBeyGfd7pwltL6b9YXLdJx/myCMxvJ6O8bS726AxE4ogcRgUGP6d5Q5aXw9i7VkLgVKY+gJZCbT+r80RiMqm23x3CPAPNjEsPh5nfgdNsN5ltJmq7IUGj0=,iv:Mw56hEghRGw6tLP6rhe78yD/blqgX2roeQRDiJ6+kAI=,tag:qE2LtSZPxDhITtdnsvrYfA==,type:str]
+    pgp: []
+    encrypted_suffix: secret
+    version: 3.7.1