kjuulh/dagger
Archived
1
0
Fork 0
Code Issues 1 Pull Requests 1 Projects Releases Wiki Activity

Refactor compose.#Up definition to use docker.#Command

Browse Source 
Add some feature to docker.#Command to :
- Copy artifact in the container
- Write files in the container
- Login to registries

Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
This commit is contained in:
Tom Chauveau 2021-06-17 17:12:24 +02:00
parent f1a6f66ed5
commit 5029b5d815
2 changed files with 82 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
stdlib/docker/command.cue
View File

@ -62,6 +62,19 @@ import (
[string]: true | false | string @dagger(input) [string]: true | false | string @dagger(input)
} }
// Image registries
registries: [...{
target?: string
username: string
secret: dagger.#Secret
}] @dagger(input)
// Copy contents from other artifacts
copy: [string]: from: dagger.#Artifact
// Write file in the container
files: [string]: string
// Setup docker client and then execute the user command // Setup docker client and then execute the user command
#code: #""" #code: #"""
# Setup ssh # Setup ssh
@ -103,7 +116,8 @@ import (
#up: [ #up: [
op.#Load & { op.#Load & {
from: alpine.#Image & { from: alpine.#Image & {
package: { "package": {
package
bash: true bash: true
"openssh-client": true "openssh-client": true
"docker-cli": true "docker-cli": true
@ -111,6 +125,34 @@ import (
} }
}, },
for registry in registries {
op.#Exec & {
args: ["/bin/bash", "-c", #"""
echo "$TARGER_HOST" | docker login --username "$DOCKER_USERNAME" --password-stdin "$(cat /password)"
"""#,
]
env: {
TARGET_HOST: registry.target
DOCKER_USERNAME: registry.username
}
mount: "/password": secret: registry.password
}
},
for dest, content in files {
op.#WriteFile & {
"content": content
"dest": dest
}
},
for dest, src in copy {
op.#Copy & {
from: src.from
"dest": dest
}
},
if ssh.keyPassphrase != _|_ { if ssh.keyPassphrase != _|_ {
op.#WriteFile & { op.#WriteFile & {
content: #""" content: #"""
@ -137,7 +179,7 @@ import (
op.#Exec & { op.#Exec & {
always: true always: true
args: [ args: [
"/bin/sh", "/bin/bash",
"--noprofile", "--noprofile",
"--norc", "--norc",
"-eo", "-eo",
@ -146,7 +188,6 @@ import (
] ]
"env": { "env": {
env env
if ssh != _|_ { if ssh != _|_ {
DOCKER_HOSTNAME: ssh.host DOCKER_HOSTNAME: ssh.host
DOCKER_USERNAME: ssh.user DOCKER_USERNAME: ssh.user
@ -161,6 +202,9 @@ import (
} }
} }
"mount": { "mount": {
if ssh == _|_ {
"/var/run/docker.sock": "docker.sock"
}
if ssh != _|_ { if ssh != _|_ {
if ssh.key != _|_ { if ssh.key != _|_ {
"/key": secret: ssh.key "/key": secret: ssh.key

148
stdlib/docker/compose/compose.cue
View File

@ -3,7 +3,7 @@ package compose
import ( import (
"strconv" "strconv"
"dagger.io/dagger" "dagger.io/dagger"
"dagger.io/dagger/op" "dagger.io/docker"
) )
#Up: { #Up: {
@ -28,7 +28,7 @@ import (
} }
// Accept either a contaxt, a docker-compose or both together // Accept either a contaxt, a docker-compose or both together
context?: dagger.#Artifact @dagger(input) source?: dagger.#Artifact @dagger(input)
composeFile?: string @dagger(input) composeFile?: string @dagger(input)
// Image registries // Image registries
@ -39,121 +39,43 @@ import (
}] @dagger(input) }] @dagger(input)
#code: #""" #code: #"""
if [ -n "$DOCKER_HOSTNAME" ]; then if [ -n "$DOCKER_HOSTNAME" ]; then
# Start ssh-agent ssh -i /key -fNT -o "StreamLocalBindUnlink=yes" -L "$(pwd)"/docker.sock:/var/run/docker.sock -p "$DOCKER_PORT" "$DOCKER_USERNAME"@"$DOCKER_HOSTNAME"
eval $(ssh-agent) > /dev/null export DOCKER_HOST="unix://$(pwd)/docker.sock"
# Add key fi
if [ -f "/key" ]; then
message="$(ssh-keygen -y -f /key < /dev/null 2>&1)" || { # Extend session duration
>&2 echo "$message" echo "Host *\nServerAliveInterval 240" >> "$HOME"/.ssh/config
exit 1 chmod 600 "$HOME"/.ssh/config
}
ssh-add /key > /dev/null # Move compose
if [ "$?" != 0 ]; then if [ -d "$SOURCE_DIR" ]; then
exit 1 if [ -f docker-compose.yaml ]; then
fi cp docker-compose.yaml "$SOURCE_DIR"/docker-compose.yaml
fi
if [[ ! -z $FINGERPRINT ]]; then
mkdir -p "$HOME"/.ssh
# Add user's fingerprint to known hosts
echo "$FINGERPRINT" >> "$HOME"/.ssh/known_hosts
else
# Add host to known hosts
ssh -i /key -o "UserKnownHostsFile "$HOME"/.ssh/known_hosts" -o "StrictHostKeyChecking accept-new" -p "$DOCKER_PORT" "$DOCKER_USERNAME"@"$DOCKER_HOSTNAME" /bin/true > /dev/null 2>&1
fi
ssh -i /key -fNT -o "StreamLocalBindUnlink=yes" -L "$(pwd)"/docker.sock:/var/run/docker.sock -p "$DOCKER_PORT" "$DOCKER_USERNAME"@"$DOCKER_HOSTNAME"
export DOCKER_HOST="unix://$(pwd)/docker.sock"
fi fi
cd "$SOURCE_DIR"
fi
# Extend session duration docker-compose build
echo "Host *\nServerAliveInterval 240" >> "$HOME"/.ssh/config docker-compose up -d
chmod 600 "$HOME"/.ssh/config
cd /context
docker-compose build
docker-compose up -d
"""# """#
#up: [ run: docker.#Command & {
op.#Load & {from: #Client}, "ssh": ssh
command: #code
// Login to registries package: "docker-compose": true
for registry in registries { "registries": registries
op.#DockerLogin & {registry} if source != _|_ {
}, copy: "/source": from: source
}
if context != _|_ {
op.#Copy & {
from: context
dest: "/context/"
}
},
if context == _|_ {
op.#Mkdir & {
path: "/context/"
}
},
if composeFile != _|_ { if composeFile != _|_ {
op.#WriteFile & { files: "/docker-compose.yaml": composeFile
content: composeFile }
dest: "/context/docker-compose.yaml" env: {
COMPOSE_HTTP_TIMEOUT: strconv.FormatInt(200, 10)
if source != _|_ {
SOURCE_DIR: "source"
} }
}, }
}
if ssh.keyPassphrase != _|_ {
op.#WriteFile & {
content: #"""
#!/bin/bash
cat /passphrase
"""#
dest: "/get_passphrase"
mode: 0o500
}
},
op.#WriteFile & {
content: #code
dest: "/entrypoint.sh"
},
op.#Exec & {
always: true
args: [
"/bin/sh",
"--noprofile",
"--norc",
"-eo",
"pipefail",
"/entrypoint.sh",
]
env: {
if ssh != _|_ {
COMPOSE_HTTP_TIMEOUT: strconv.FormatInt(200, 10)
DOCKER_HOSTNAME: ssh.host
DOCKER_USERNAME: ssh.user
DOCKER_PORT: strconv.FormatInt(ssh.port, 10)
if ssh.keyPassphrase != _|_ {
SSH_ASKPASS: "/get_passphrase"
DISPLAY: "1"
}
if ssh.fingerprint != _|_ {
FINGERPRINT: ssh.fingerprint
}
}
}
mount: {
if ssh == _|_ {
"/var/run/docker.sock": "docker.sock"
}
if ssh.key != _|_ {
"/key": secret: ssh.key
}
if ssh.keyPassphrase != _|_ {
"/passphrase": secret: ssh.keyPassphrase
}
}
},
]
} }