kjuulh/dagger
Archived
1
0
Fork 0
Code Issues 1 Pull Requests 1 Projects Releases Wiki Activity

Refactor compose.#Up definition to use docker.#Command

Browse Source 
Add some feature to docker.#Command to :
- Copy artifact in the container
- Write files in the container
- Login to registries

Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
This commit is contained in:
Tom Chauveau 2021-06-17 17:12:24 +02:00
parent f1a6f66ed5
commit 5029b5d815
2 changed files with 82 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
stdlib/docker/command.cue
View File

@ -62,6 +62,19 @@ import (
[string]: true | false | string @dagger(input)
}
// Image registries
registries: [...{
target?: string
username: string
secret: dagger.#Secret
}] @dagger(input)
// Copy contents from other artifacts
copy: [string]: from: dagger.#Artifact
// Write file in the container
files: [string]: string
// Setup docker client and then execute the user command
#code: #"""
# Setup ssh
@ -103,7 +116,8 @@ import (
#up: [
op.#Load & {
from: alpine.#Image & {
package: {
"package": {
package
bash: true
"openssh-client": true
"docker-cli": true
@ -111,6 +125,34 @@ import (
}
},
for registry in registries {
op.#Exec & {
args: ["/bin/bash", "-c", #"""
echo "$TARGER_HOST" | docker login --username "$DOCKER_USERNAME" --password-stdin "$(cat /password)"
"""#,
]
env: {
TARGET_HOST: registry.target
DOCKER_USERNAME: registry.username
}
mount: "/password": secret: registry.password
}
},
for dest, content in files {
op.#WriteFile & {
"content": content
"dest": dest
}
},
for dest, src in copy {
op.#Copy & {
from: src.from
"dest": dest
}
},
if ssh.keyPassphrase != _|_ {
op.#WriteFile & {
content: #"""
@ -137,7 +179,7 @@ import (
op.#Exec & {
always: true
args: [
"/bin/sh",
"/bin/bash",
"--noprofile",
"--norc",
"-eo",
@ -146,7 +188,6 @@ import (
]
"env": {
env
if ssh != _|_ {
DOCKER_HOSTNAME: ssh.host
DOCKER_USERNAME: ssh.user
@ -161,6 +202,9 @@ import (
}
}
"mount": {
if ssh == _|_ {
"/var/run/docker.sock": "docker.sock"
}
if ssh != _|_ {
if ssh.key != _|_ {
"/key": secret: ssh.key

148
stdlib/docker/compose/compose.cue
View File

@ -3,7 +3,7 @@ package compose
import (
"strconv"
"dagger.io/dagger"
"dagger.io/dagger/op"
"dagger.io/docker"
)
#Up: {
@ -28,7 +28,7 @@ import (
}
// Accept either a contaxt, a docker-compose or both together
context?: dagger.#Artifact @dagger(input)
source?: dagger.#Artifact @dagger(input)
composeFile?: string @dagger(input)
// Image registries
@ -39,121 +39,43 @@ import (
}] @dagger(input)
#code: #"""
if [ -n "$DOCKER_HOSTNAME" ]; then
# Start ssh-agent
eval $(ssh-agent) > /dev/null
# Add key
if [ -f "/key" ]; then
message="$(ssh-keygen -y -f /key < /dev/null 2>&1)" || {
>&2 echo "$message"
exit 1
}
ssh-add /key > /dev/null
if [ "$?" != 0 ]; then
exit 1
fi
fi
if [[ ! -z $FINGERPRINT ]]; then
mkdir -p "$HOME"/.ssh
# Add user's fingerprint to known hosts
echo "$FINGERPRINT" >> "$HOME"/.ssh/known_hosts
else
# Add host to known hosts
ssh -i /key -o "UserKnownHostsFile "$HOME"/.ssh/known_hosts" -o "StrictHostKeyChecking accept-new" -p "$DOCKER_PORT" "$DOCKER_USERNAME"@"$DOCKER_HOSTNAME" /bin/true > /dev/null 2>&1
fi
ssh -i /key -fNT -o "StreamLocalBindUnlink=yes" -L "$(pwd)"/docker.sock:/var/run/docker.sock -p "$DOCKER_PORT" "$DOCKER_USERNAME"@"$DOCKER_HOSTNAME"
export DOCKER_HOST="unix://$(pwd)/docker.sock"
if [ -n "$DOCKER_HOSTNAME" ]; then
ssh -i /key -fNT -o "StreamLocalBindUnlink=yes" -L "$(pwd)"/docker.sock:/var/run/docker.sock -p "$DOCKER_PORT" "$DOCKER_USERNAME"@"$DOCKER_HOSTNAME"
export DOCKER_HOST="unix://$(pwd)/docker.sock"
fi
# Extend session duration
echo "Host *\nServerAliveInterval 240" >> "$HOME"/.ssh/config
chmod 600 "$HOME"/.ssh/config
# Move compose
if [ -d "$SOURCE_DIR" ]; then
if [ -f docker-compose.yaml ]; then
cp docker-compose.yaml "$SOURCE_DIR"/docker-compose.yaml
fi
cd "$SOURCE_DIR"
fi
# Extend session duration
echo "Host *\nServerAliveInterval 240" >> "$HOME"/.ssh/config
chmod 600 "$HOME"/.ssh/config
cd /context
docker-compose build
docker-compose up -d
docker-compose build
docker-compose up -d
"""#
#up: [
op.#Load & {from: #Client},
// Login to registries
for registry in registries {
op.#DockerLogin & {registry}
},
if context != _|_ {
op.#Copy & {
from: context
dest: "/context/"
}
},
if context == _|_ {
op.#Mkdir & {
path: "/context/"
}
},
run: docker.#Command & {
"ssh": ssh
command: #code
package: "docker-compose": true
"registries": registries
if source != _|_ {
copy: "/source": from: source
}
if composeFile != _|_ {
op.#WriteFile & {
content: composeFile
dest: "/context/docker-compose.yaml"
files: "/docker-compose.yaml": composeFile
}
env: {
COMPOSE_HTTP_TIMEOUT: strconv.FormatInt(200, 10)
if source != _|_ {
SOURCE_DIR: "source"
}
},
if ssh.keyPassphrase != _|_ {
op.#WriteFile & {
content: #"""
#!/bin/bash
cat /passphrase
"""#
dest: "/get_passphrase"
mode: 0o500
}
},
op.#WriteFile & {
content: #code
dest: "/entrypoint.sh"
},
op.#Exec & {
always: true
args: [
"/bin/sh",
"--noprofile",
"--norc",
"-eo",
"pipefail",
"/entrypoint.sh",
]
env: {
if ssh != _|_ {
COMPOSE_HTTP_TIMEOUT: strconv.FormatInt(200, 10)
DOCKER_HOSTNAME: ssh.host
DOCKER_USERNAME: ssh.user
DOCKER_PORT: strconv.FormatInt(ssh.port, 10)
if ssh.keyPassphrase != _|_ {
SSH_ASKPASS: "/get_passphrase"
DISPLAY: "1"
}
if ssh.fingerprint != _|_ {
FINGERPRINT: ssh.fingerprint
}
}
}
mount: {
if ssh == _|_ {
"/var/run/docker.sock": "docker.sock"
}
if ssh.key != _|_ {
"/key": secret: ssh.key
}
if ssh.keyPassphrase != _|_ {
"/passphrase": secret: ssh.keyPassphrase
}
}
},
]
}
}
}