Add a new make target that provisions dagger-ci declaratively
While at it, add help make target & make it the default.
This explains all make targets. Run `make help` to see it in action 😉
dagger-ci-pr1499-2022-01-26 API token was added as an AGE secret. It can
be accessed only by the intended recipients are able to decrypt it with
their private SSH keys.
echo "TOKEN" | age -R .age.recipients.txt -o .do.dagger-ci-pr1499-2022-01-26.age
Do not assume that /bin/true exists on hosts running Docker. Use "true"
and let the system resolve the path.
Re-enable all ssh Universe tests.
Signed-off-by: Gerhard Lazu <gerhard@lazu.co.uk>
This commit is contained in:
parent
0be326ade9
commit
5719ccbc96
6
.gitignore
vendored
6
.gitignore
vendored
@ -31,3 +31,9 @@ docs/learn/tests/node_modules
|
|||||||
# Integration CI dagger.mod, dagger.sum
|
# Integration CI dagger.mod, dagger.sum
|
||||||
dagger.mod
|
dagger.mod
|
||||||
dagger.sum
|
dagger.sum
|
||||||
|
|
||||||
|
# Local binaries
|
||||||
|
bin/
|
||||||
|
|
||||||
|
# Local environment variables
|
||||||
|
.env
|
||||||
|
62
Makefile
62
Makefile
@ -1,78 +1,92 @@
|
|||||||
|
SHELL := bash# we want bash behaviour in all shell invocations
|
||||||
|
|
||||||
|
# https://stackoverflow.com/questions/4842424/list-of-ansi-color-escape-sequences
|
||||||
|
BOLD := \033[1m
|
||||||
|
NORMAL := \033[0m
|
||||||
|
GREEN := \033[1;32m
|
||||||
|
|
||||||
|
XDG_CONFIG_HOME ?= $(CURDIR)/.config
|
||||||
|
export XDG_CONFIG_HOME
|
||||||
|
.DEFAULT_GOAL := help
|
||||||
|
HELP_TARGET_DEPTH ?= \#
|
||||||
|
.PHONY: help
|
||||||
|
help: # Show how to get started & what targets are available
|
||||||
|
@printf "This is a list of all the make targets that you can run, e.g. $(BOLD)make dagger$(NORMAL) - or $(BOLD)m dagger$(NORMAL)\n\n"
|
||||||
|
@awk -F':+ |$(HELP_TARGET_DEPTH)' '/^[0-9a-zA-Z._%-]+:+.+$(HELP_TARGET_DEPTH).+$$/ { printf "$(GREEN)%-20s\033[0m %s\n", $$1, $$3 }' $(MAKEFILE_LIST) | sort
|
||||||
|
@echo
|
||||||
|
|
||||||
GIT_REVISION := $(shell git rev-parse --short HEAD)
|
GIT_REVISION := $(shell git rev-parse --short HEAD)
|
||||||
|
|
||||||
.PHONY: all
|
|
||||||
all: dagger
|
|
||||||
|
|
||||||
.PHONY: dagger
|
.PHONY: dagger
|
||||||
dagger:
|
dagger: # Build a dev dagger binary
|
||||||
CGO_ENABLED=0 go build -o ./cmd/dagger/ -ldflags '-s -w -X go.dagger.io/dagger/version.Revision=$(GIT_REVISION)' ./cmd/dagger/
|
CGO_ENABLED=0 go build -o ./cmd/dagger/ -ldflags '-s -w -X go.dagger.io/dagger/version.Revision=$(GIT_REVISION)' ./cmd/dagger/
|
||||||
|
|
||||||
.PHONY: dagger-debug
|
.PHONY: dagger-debug
|
||||||
dagger-debug:
|
dagger-debug: # Build a debug version of the dev dagger binary
|
||||||
go build -race -o ./cmd/dagger/dagger-debug -ldflags '-X go.dagger.io/dagger/version.Revision=$(GIT_REVISION)' ./cmd/dagger/
|
go build -race -o ./cmd/dagger/dagger-debug -ldflags '-X go.dagger.io/dagger/version.Revision=$(GIT_REVISION)' ./cmd/dagger/
|
||||||
|
|
||||||
.PHONY: install
|
.PHONY: install
|
||||||
|
install: dagger # Build & install a dev dagger binary
|
||||||
go install ./cmd/dagger
|
go install ./cmd/dagger
|
||||||
|
|
||||||
.PHONY: test
|
.PHONY: test
|
||||||
test:
|
test: # Run all tests
|
||||||
go test -race -v ./...
|
go test -race -v ./...
|
||||||
|
|
||||||
.PHONY: golint
|
.PHONY: golint
|
||||||
golint:
|
golint: # Go lint
|
||||||
golangci-lint run --timeout 3m
|
golangci-lint run --timeout 3m
|
||||||
|
|
||||||
.PHONY: cuefmt
|
.PHONY: cuefmt
|
||||||
cuefmt:
|
cuefmt: # Format all cue files
|
||||||
find . -name '*.cue' -not -path '*/cue.mod/*' -print | time xargs -n 1 -P 8 cue fmt -s
|
find . -name '*.cue' -not -path '*/cue.mod/*' -print | time xargs -n 1 -P 8 cue fmt -s
|
||||||
|
|
||||||
.PHONY: cuelint
|
.PHONY: cuelint
|
||||||
cuelint: cuefmt
|
cuelint: cuefmt # Lint and format all cue files
|
||||||
@test -z "$$(git status -s . | grep -e "^ M" | grep .cue | cut -d ' ' -f3 | tee /dev/stderr)"
|
@test -z "$$(git status -s . | grep -e "^ M" | grep .cue | cut -d ' ' -f3 | tee /dev/stderr)"
|
||||||
|
|
||||||
.PHONY: shellcheck
|
.PHONY: shellcheck
|
||||||
shellcheck:
|
shellcheck: # Run shellcheck
|
||||||
shellcheck $$(find . -type f \( -iname \*.bats -o -iname \*.bash -o -iname \*.sh \) -not -path "*/node_modules/*" -not -path "*/bats-*/*")
|
shellcheck $$(find . -type f \( -iname \*.bats -o -iname \*.bash -o -iname \*.sh \) -not -path "*/node_modules/*" -not -path "*/bats-*/*")
|
||||||
|
|
||||||
.PHONY: lint
|
.PHONY: lint
|
||||||
lint: shellcheck cuelint golint docslint
|
lint: shellcheck cuelint golint docslint # Lint everything
|
||||||
|
|
||||||
.PHONY: integration
|
.PHONY: integration
|
||||||
integration: core-integration universe-test doc-test
|
integration: core-integration universe-test doc-test # Run all integration tests
|
||||||
|
|
||||||
.PHONY: core-integration
|
.PHONY: core-integration
|
||||||
core-integration: dagger-debug
|
core-integration: dagger-debug # Run core integration tests
|
||||||
yarn --cwd "./tests" install
|
yarn --cwd "./tests" install
|
||||||
DAGGER_BINARY="$(shell pwd)/cmd/dagger/dagger-debug" yarn --cwd "./tests" test
|
DAGGER_BINARY="$(shell pwd)/cmd/dagger/dagger-debug" yarn --cwd "./tests" test
|
||||||
|
|
||||||
.PHONY: universe-test
|
.PHONY: universe-test
|
||||||
universe-test: dagger-debug
|
universe-test: dagger-debug # Run universe tests
|
||||||
yarn --cwd "./universe" install
|
yarn --cwd "./universe" install
|
||||||
DAGGER_BINARY="$(shell pwd)/cmd/dagger/dagger-debug" yarn --cwd "./universe" test
|
DAGGER_BINARY="$(shell pwd)/cmd/dagger/dagger-debug" yarn --cwd "./universe" test
|
||||||
|
|
||||||
.PHONY: europa-universe-test
|
.PHONY: europa-universe-test
|
||||||
europa-universe-test: dagger-debug
|
europa-universe-test: dagger-debug # Run Europa universe tests
|
||||||
yarn --cwd "./pkg/universe.dagger.io" install
|
yarn --cwd "./pkg/universe.dagger.io" install
|
||||||
DAGGER_BINARY="$(shell pwd)/cmd/dagger/dagger-debug" yarn --cwd "./pkg/universe.dagger.io" test
|
DAGGER_BINARY="$(shell pwd)/cmd/dagger/dagger-debug" yarn --cwd "./pkg/universe.dagger.io" test
|
||||||
|
|
||||||
.PHONY: doc-test
|
.PHONY: doc-test
|
||||||
doc-test: dagger-debug
|
doc-test: dagger-debug # Test docs
|
||||||
yarn --cwd "./docs/learn/tests" install
|
yarn --cwd "./docs/learn/tests" install
|
||||||
DAGGER_BINARY="$(shell pwd)/cmd/dagger/dagger-debug" yarn --cwd "./docs/learn/tests" test
|
DAGGER_BINARY="$(shell pwd)/cmd/dagger/dagger-debug" yarn --cwd "./docs/learn/tests" test
|
||||||
|
|
||||||
.PHONY: install
|
|
||||||
install: dagger
|
|
||||||
go install ./cmd/dagger
|
|
||||||
|
|
||||||
.PHONY: docs
|
.PHONY: docs
|
||||||
docs: dagger
|
docs: dagger # Generate docs
|
||||||
./cmd/dagger/dagger doc --output ./docs/reference --format md
|
./cmd/dagger/dagger doc --output ./docs/reference --format md
|
||||||
|
|
||||||
.PHONY: docslint
|
.PHONY: docslint
|
||||||
docslint: docs
|
docslint: docs # Generate & lint docs
|
||||||
@test -z "$$(git status -s . | grep -e "^ M" | grep docs/reference | cut -d ' ' -f3 | tee /dev/stderr)"
|
@test -z "$$(git status -s . | grep -e "^ M" | grep docs/reference | cut -d ' ' -f3 | tee /dev/stderr)"
|
||||||
|
|
||||||
.PHONY: web
|
.PHONY: web
|
||||||
web:
|
web: # Run the website locally
|
||||||
yarn --cwd "./website" install
|
yarn --cwd "./website" install
|
||||||
yarn --cwd "./website" start
|
yarn --cwd "./website" start
|
||||||
|
|
||||||
|
.PHONY: todo
|
||||||
|
todo: # Find all TODO items
|
||||||
|
grep -r -A 1 "TODO:" $(CURDIR)
|
||||||
|
25
infra/.age.recipients.txt
Normal file
25
infra/.age.recipients.txt
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
# https://github.com/aluzzardi.keys
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBdUetLJMkr0Wro7RBRw/AXAx2iFocPgneGe3DHOZ13l
|
||||||
|
# https://github.com/gerhard.keys
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJrIgA2e197dXRzdNKIaI1XZxEpcPMh4kF5xRx/BCU+D
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTneuqI8M7q6F/sWEjZcpnHPN4BkerHtTtolZQdeIgP
|
||||||
|
# https://github.com/grouville.keys
|
||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDrh+TE4jbmB/JvCkIA7aZEiuzzOlqN/Vw6y7Y7Vb1T+/vE5ki7n6JRqvPso01mhiXffnFFvyRrgGy/0KY60ZJEglbxcUNdCueq9AcITtrlgEt6Keq8UyuNqfMsEGQ5HUruO+nZxbFD7RxeXLhvrOF17W/yemLiPkZbHx73lHhxWbvHzxVOVGxMJricvG4utULOuRH63VZpov0r0/jd6H8NytNPXWK6dDXyaqQF/CQd45p6TKfn4dyIIewE+Nhc5s8iRXUatzx+6YaN5cWG3MtX0zSxYulclV1pDlk1PBlGm5ja2Ma7s1XwOzqPbowk3UkOVThOlvixaX1PNnyOGKSn
|
||||||
|
# https://github.com/jlongtine.keys
|
||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCwayLK5Ux8bdbY0weVGHVpKX+fyN/vx8HYuiJq9XHLkB6SKrBstAwIuDhhquMrY/oLJiPzevB1AI+KthlAmjUXOGE90KSXTkIfOVwSEhcF6RjgzlZrIKQlI+WhmBxuZK93B8wkNV5RsmtMY3aKBAmoRVzDlBLpGRknzUx2VpBIop1JuCVlB3mFK0TJruz631UVsXb1vsVxkVzKQC4GYnF7rAWKCxDRuHaU6QDQ5S95SQAoD/DNQZWm2IPEX+RGIkbFMG0EJQpU46SlPog+XEDarm1MnhIUmnscdV6duASQAd/HdqckL1oIcrYqgx1x6tFab9/UF4Ieiazay7EGaMqLsVYE/im+mVWUOnrHfySlHNkVc9PikAbsxN1m5RSAK0luSIMOX4rHrNRZWPGPookyfZl+G2Ub7OBCI8VkwVgg4WvUB5yJ52x+3liKKmetJ/gc7yxrjogt28p0ymRPMoEqLGwDj/oFtcUGk1CDkcQZ6cUvWUJ1QDCc1Fiku7vqLBHchAHhP3N3GKJTx38rMTnfzUArkGSJIhUvdEPpsFjSSNhlMOkgzuPl1GE/O0CCCVQ3zQRC8UaJZ3oF51z/RRqVwwJslJuiD0rHdOymira0vAV5GmWBGBPEUnALud6/tdPcizpEFb3DEI4/wn0OMkd1okW2fA1PzZ1Yx5B4yhh5KQ==
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJY1FIrb8L5X6B76XuAFofrr/sEMsObzto2u2WGuhT90
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGiMAsFaF8HfMPoENNpXwg6yp2DzVpRCBPFVMs2pNBGK
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILQ4IIwtzW5Ye7CeZtXaPavydC4/Jkd6EzZOd1NHHfhV
|
||||||
|
# https://github.com/samalba.keys
|
||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDkK82AY5XUGWGcuC3uWGNId2gI9azHQCX1hb54IWGxY45PEXmCC+dJVDPNXYArjvZNwSrjPJUhnjWB0swyniEwLqQ2dPxOmtdqXz4nhPPdpK7JW+we5lDqikIJObBoWoCog1gEc3wQvl/g9kZuYDDz10/ObpuB138ktiDYWmtHP2fg/yPlujgCoBy8CecJypwndSmXn7gb4bvgNUUq1XLvNNQFkZU9pjBTr/BKvQn2XKmSaCVbJvt6E3Xg7J7mfEcd9e2NLKqxUmvXbp/Fm7S3epo2i5wv2RZoWuyYV3iKD9TBh8ew2G2vmoPkJBPiy/F2i18iSD/ittIYFAA94uTAToWy+7La9JDpUEoxrWWkWtvFPuREIymWabWM7R8BfrXk8IrKkmZFIObxMivgYYwxSJG6l6o0tWLjJ6xQRbw2JMBJc6yuLWvINHE+wd/FX+4X/E92WOE8/Ng2C7LEVowasY/0H5m/LWbgPu1EY77663U1uIGRL2qiOcDmAiBoRdyOzPiU+Yy8s8+cNg3MM53KbJjwG9j4hOevcLM22nMNm/wj4CCWRKDDpRbhqQAugVV9z8cLvEhpetQQJavZCw9RuNvvfY/Yn9mqCbyXkPeBubqqj8J2ySI0pY0Dj0OQMvFOUYS5SUVD44T8bgALe5cVDPVXG7gScZBXvqMh8CpTFw==
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIChHduoNVCHes4vY9TK6FIvlTYAZRbXxGSNF/aSMcZeY
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBPlafSmJnuEOKp5nvclcNICjx5kDd6U/Do4fY6+Td6
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID2yAn9FNY3oTM4ePJuIkOhqwWlTeaXbgtRrh4GnQMVb
|
||||||
|
# https://github.com/shykes.keys
|
||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6XeLC/rHVI3B9TWIM+rG1v66EJMeSoyO6DpEt+kwyWvABBNm5dYJeUb5WZU3pt6p2x+VdNK8S8+x1PutzkyEpNEQ7r1OaG7uNz1lNpZMPS5iUfZMCh6meQ53+5Zt3d2OIeh1EiMBph+u24Lz3I7g4dMgaqSQW9e+OU4maAu3oyBnWkE1b31irjAt5xXHxbrbbmqsi0MNaiK94jCBedQHOGBg8j781hGwSPtUlKlaSJK5ZfGjm/3LUy25ve+2MkI9uu8JcX0RwMJ/vC6Sy2u9F7UH7zwYhAxI7AtbYeZClctLhCtw421Yj4ZeK4Wgb8qQQaGng8jUDnK8Ka45lqz7uE4pu2NwvJBYdzQcNX/LG6q2Z1plzOVZ6PXrkwzuUQd608HysUc0xXqyNKHQF0YKf9lBNUEKQpYhBk8AGJlyfdd3vT1PszDFvDz6AO5zFZOYlLtUOTEKbj/6n44xVvnPVqERwP7u8TjQzgmUJHyj48evH6niMB2XhX4IheOq3NtT5mQjafEAQHXMgn8TU7fYa3OuYWMO/vMXEpEVCLnbX3E01p/TlWXYKrD/nOVo9YZURsDdVLMJ8U6jPhwT/8K71/JJefgj4KjRDvOvRsmP9876AxkNtfV37zkQwu6k4vm4+MtB+2qCGWxaGBJk3jMY1R/yBi0OB0MfF3HAynHnk2Q==
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPkOs4K/ywiMe/oM16jP3UPgnGLuBN6gX/KdoQGthBek
|
||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCzn+KeEhM62rd/FomYZI6A6GvdCXgak111r5UgfY89eJ4Vi81ytkzKtbmYmS6p8euVzJiNm0g2B/u6C5LIG1SLpTY3vAMynSLpTBpGbEy0Lbmzyo2egbDUpuHycZ8EHOIH/lBafRJ1pMZK0CyR+wEK/cuu0GCeyn8TkabyQH2mAVjc6dLPmM9xnWZOXDBjlwkmLCSSPfFbH22iUqVPfh14DWd9fztrYj2my8HXjC6JyGf+r7RTOWdPMdNaI0C+nkI+6KBh/D7MgTCZGHNW6WCMHDceFWSPtCTDizKhz2k+5euhPmGrjfIIr7wocjWKtz0R7bEyGwvfNd/PNm1GMoEnXL1LK61ggitB2GuRcwQqeQ+6DMwLmG1i6HksjhLL/nBvvpgSKfHnyxZoHZshmhb0WMWNDJN0V+Pd/iM0HAqW0o3GJDaWlIUOoMxPDoAlGYmX27AI2IC2iqvzVpNP4saTfHFDg0gc/ToHnci0P5ugrfKPqXwTNzCngIcqUgrHMZS0CsP+XVczj3D3wzCMzBFZsNM6zXB2WiG8AjE8/akG0fKJ9KktE3gaYvn9O1pI8FowS7MVtPjRankf2+vhk4DYOWGq9xEYAJrvaOuymWVXd1+S2Nx8B6kL3MMJCnAByVcME8JUasVth/YvbiPACqBM58rI/52NslA6JyaDHZYr6w==
|
||||||
|
# https://github.com/slumbering.keys
|
||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDfBt8QLbmNmME16e9r0Rg2TTEWIQ2dQkRdYXYlBSwhA/wg6QMPxKVqUmOMebhrnVgnHgrl5yI7fqk2xtZd6+59nCm7dh8NiFhmA6nACCr7mYisZT0/ph5jNym9UFcr7LGF9mrkplf6Dx5fg+KWZHTUPZr6D23nRnFkBnC1G6DwHL64eW0lkfPeoS7+Vb09cyP3GifHkKxP0JiBqmRt7KmtCDcIwCEUP8oGV3fCZTOMHNVMtaucehS7kmJUq/VGhk+soPgyb4Ii/7I2XUm1eCoAlUyJz8qfF7xDyAGfZWu/et5ggVl3UCj47Gi3z3+s02enSCdpPSuskm+qCmNdor6ThKSe5PjAuiwXIdhtziDb1DVPRKaaXapHVV3RWuO0tjbb9bJ1B5JvE+6mdVaCg6PBwMJcY9NcDO3xx6ATxJ9Bvg53WxogKdSjqYMhCPsGd08/PihEyWe/pXWDCFsg5hbmKqsB5p857nsLbxjmW9M8EM/Ti2j5X+PBh7H76KC324U=
|
||||||
|
# https://github.com/talentedmrjones.keys
|
||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII4t9Xg9prIa9COG7t19FcNW5pordCM/W+x9le+NcGJm
|
BIN
infra/.do.dagger-ci-pr1499-2022-01-26.age
Normal file
BIN
infra/.do.dagger-ci-pr1499-2022-01-26.age
Normal file
Binary file not shown.
110
infra/Makefile
Normal file
110
infra/Makefile
Normal file
@ -0,0 +1,110 @@
|
|||||||
|
SHELL := bash# we want bash behaviour in all shell invocations
|
||||||
|
PLATFORM := $(shell uname)
|
||||||
|
platform := $(shell uname | tr A-Z a-z)
|
||||||
|
architecture := $(shell uname -m)
|
||||||
|
ifeq ($(architecture),x86_64)
|
||||||
|
architecture_alt := amd64
|
||||||
|
endif
|
||||||
|
|
||||||
|
# https://stackoverflow.com/questions/4842424/list-of-ansi-color-escape-sequences
|
||||||
|
BOLD := \033[1m
|
||||||
|
NORMAL := \033[0m
|
||||||
|
RED := \033[1;31m
|
||||||
|
GREEN := \033[1;32m
|
||||||
|
|
||||||
|
LOCAL_BIN := $(CURDIR)/bin
|
||||||
|
$(LOCAL_BIN):
|
||||||
|
mkdir -p $(LOCAL_BIN)
|
||||||
|
|
||||||
|
XDG_CONFIG_HOME ?= $(CURDIR)/.config
|
||||||
|
export XDG_CONFIG_HOME
|
||||||
|
.DEFAULT_GOAL := help
|
||||||
|
HELP_TARGET_DEPTH ?= \#
|
||||||
|
.PHONY: help
|
||||||
|
help: # Show how to get started & what targets are available
|
||||||
|
@printf "\nIf this is your first time running this, remember to run: $(BOLD)make .env && source .env$(NORMAL)\n"
|
||||||
|
@printf "This is a list of all the make targets that you can run, e.g. $(BOLD)make dagger$(NORMAL) - or $(BOLD)m dagger$(NORMAL)\n\n"
|
||||||
|
@awk -F':+ |$(HELP_TARGET_DEPTH)' '/^[0-9a-zA-Z._%-]+:+.+$(HELP_TARGET_DEPTH).+$$/ { printf "$(GREEN)%-20s\033[0m %s\n", $$1, $$3 }' $(MAKEFILE_LIST) | sort
|
||||||
|
@echo
|
||||||
|
|
||||||
|
.PHONY: env
|
||||||
|
env:: # Print all env variables
|
||||||
|
@echo 'alias m=make'
|
||||||
|
@echo 'export PATH="$(LOCAL_BIN):$$PATH"'
|
||||||
|
@echo 'export XDG_CONFIG_HOME="$(XDG_CONFIG_HOME)"'
|
||||||
|
|
||||||
|
.env: # Create the .env file - 💡 use the -B flag to re-create
|
||||||
|
$(MAKE) --no-print-directory env > .env
|
||||||
|
|
||||||
|
# Every system has curl installed here:
|
||||||
|
CURL ?= /usr/bin/curl
|
||||||
|
|
||||||
|
AGE := $(LOCAL_BIN)/age
|
||||||
|
AGE_RELEASES := https://github.com/FiloSottile/age/releases
|
||||||
|
AGE_VERSION := 1.0.0
|
||||||
|
AGE_BIN_DIR := $(LOCAL_BIN)/age-v$(AGE_VERSION)-$(platform)-$(architecture_alt)
|
||||||
|
AGE_URL := $(AGE_RELEASES)/download/v$(AGE_VERSION)/$(notdir $(AGE_BIN_DIR)).tar.gz
|
||||||
|
AGE := $(AGE_BIN_DIR)/age/age
|
||||||
|
$(AGE): | $(CURL) $(LOCAL_BIN)
|
||||||
|
$(CURL) --progress-bar --fail --location --output $(AGE_BIN_DIR).tar.gz "$(AGE_URL)"
|
||||||
|
mkdir -p $(AGE_BIN_DIR) && tar zxf $(AGE_BIN_DIR).tar.gz -C $(AGE_BIN_DIR)
|
||||||
|
touch $(AGE)
|
||||||
|
chmod +x $(AGE)
|
||||||
|
$(AGE) --version | grep $(AGE_VERSION)
|
||||||
|
ln -sf $(AGE) $(LOCAL_BIN)/age
|
||||||
|
.PHONY: age
|
||||||
|
age: $(AGE)
|
||||||
|
|
||||||
|
define get_github_keys_for_age_recipient
|
||||||
|
@printf "Configuring $(BOLD)$(1)$(NORMAL) as an age recipient...\n"
|
||||||
|
@echo "# $(1)" >> $(@)
|
||||||
|
@$(CURL) --silent --fail --location $(1) >> $(@)
|
||||||
|
endef
|
||||||
|
.age.recipients.txt: | $(CURL) # Generate all AGE recipients from GitHub keys
|
||||||
|
$(call get_github_keys_for_age_recipient,https://github.com/aluzzardi.keys)
|
||||||
|
$(call get_github_keys_for_age_recipient,https://github.com/gerhard.keys)
|
||||||
|
$(call get_github_keys_for_age_recipient,https://github.com/grouville.keys)
|
||||||
|
$(call get_github_keys_for_age_recipient,https://github.com/jlongtine.keys)
|
||||||
|
$(call get_github_keys_for_age_recipient,https://github.com/samalba.keys)
|
||||||
|
$(call get_github_keys_for_age_recipient,https://github.com/shykes.keys)
|
||||||
|
$(call get_github_keys_for_age_recipient,https://github.com/slumbering.keys)
|
||||||
|
$(call get_github_keys_for_age_recipient,https://github.com/talentedmrjones.keys)
|
||||||
|
|
||||||
|
DOCTL := $(LOCAL_BIN)/age
|
||||||
|
DOCTL_RELEASES := https://github.com/digitalocean/doctl/releases
|
||||||
|
DOCTL_VERSION := 1.69.0
|
||||||
|
DOCTL_BIN_DIR := $(LOCAL_BIN)/doctl-$(DOCTL_VERSION)-$(platform)-$(architecture_alt)
|
||||||
|
DOCTL_URL := $(DOCTL_RELEASES)/download/v$(DOCTL_VERSION)/$(notdir $(DOCTL_BIN_DIR)).tar.gz
|
||||||
|
DOCTL := $(DOCTL_BIN_DIR)/doctl
|
||||||
|
$(DOCTL): | $(CURL) $(LOCAL_BIN)
|
||||||
|
$(CURL) --progress-bar --fail --location --output $(DOCTL_BIN_DIR).tar.gz "$(DOCTL_URL)"
|
||||||
|
mkdir -p $(DOCTL_BIN_DIR) && tar zxf $(DOCTL_BIN_DIR).tar.gz -C $(DOCTL_BIN_DIR)
|
||||||
|
touch $(DOCTL)
|
||||||
|
chmod +x $(DOCTL)
|
||||||
|
$(DOCTL) version | grep $(DOCTL_VERSION)
|
||||||
|
ln -sf $(DOCTL) $(LOCAL_BIN)/doctl
|
||||||
|
.PHONY: doctl
|
||||||
|
doctl: $(DOCTL)
|
||||||
|
ifndef DIGITALOCEAN_ACCESS_TOKEN
|
||||||
|
@printf "\n$(RED)DIGITALOCEAN_ACCESS_TOKEN $(BOLD)env var is missing$(NORMAL)\n"
|
||||||
|
@printf "\nIf your private SSH key is in the $(BOLD).age.recipients.txt$(NORMAL) file, you can do the following:\n"
|
||||||
|
@printf "$(BOLD)export DIGITALOCEAN_ACCESS_TOKEN=\$$(age -d -i ~/.ssh/$(GREEN)YOUR_SSH_PRIVATE_KEY$(NORMAL)$(BOLD) .do.dagger-ci-pr1499-2022-01-26.age)$(NORMAL)\n"
|
||||||
|
@printf "\nReplace $(BOLD)$(GREEN)YOUR_SSH_PRIVATE_KEY$(NORMAL) with the name of your private SSH key\n\n"
|
||||||
|
@exit 1
|
||||||
|
endif
|
||||||
|
|
||||||
|
DAGGER_CI_NAME ?= dagger-ci-2022-01-26
|
||||||
|
.PHONY: dagger-ci
|
||||||
|
dagger-ci: | $(AGE) doctl # Create dagger-ci
|
||||||
|
$(DOCTL) compute droplet create \
|
||||||
|
--image debian-11-x64 \
|
||||||
|
--size s-1vcpu-1gb-intel \
|
||||||
|
--region nyc1 \
|
||||||
|
--enable-monitoring \
|
||||||
|
--ssh-keys 32985130,32968299,32835944,23961075,23698535 \
|
||||||
|
--user-data-file ./dagger-ci.cloudinit \
|
||||||
|
$(DAGGER_CI_NAME)
|
||||||
|
|
||||||
|
.PHONY: dagger-ci-ssh
|
||||||
|
dagger-ci-ssh: | $(AGE) doctl # SSH into dagger-ci
|
||||||
|
$(DOCTL) compute ssh $(DAGGER_CI_NAME)
|
28
infra/dagger-ci.cloudinit
Normal file
28
infra/dagger-ci.cloudinit
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
#cloud-config
|
||||||
|
write_files:
|
||||||
|
- path: /etc/nixos/host.nix
|
||||||
|
permissions: '0644'
|
||||||
|
content: |
|
||||||
|
{pkgs, ...}:
|
||||||
|
{
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
git
|
||||||
|
htop
|
||||||
|
nix-diff
|
||||||
|
nixfmt
|
||||||
|
nvd
|
||||||
|
tmux
|
||||||
|
vim
|
||||||
|
];
|
||||||
|
services.do-agent.enable = true;
|
||||||
|
virtualisation.docker.package = pkgs.docker_20_10;
|
||||||
|
virtualisation.docker.enable = true;
|
||||||
|
virtualisation.docker.autoPrune.enable = true;
|
||||||
|
virtualisation.docker.autoPrune.dates = "daily";
|
||||||
|
users.users.root.openssh.authorizedKeys.keys = [
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAl40j8zO5APwryoo8Ai0GiHkKWPA6MxPPVjEB6Rc1bm dagger-ci@2022_01_26"
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHUK9LTCmlmqHQahsqtUTTWfuKkdxrh80hkpasdI+PEo dagger-ci-pass@2022_01_26"
|
||||||
|
];
|
||||||
|
}
|
||||||
|
runcmd:
|
||||||
|
- curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | PROVIDER=digitalocean NIXOS_IMPORT=./host.nix NIX_CHANNEL=nixos-21.11 bash 2>&1 | tee /tmp/nixos-infect.log
|
@ -3,13 +3,13 @@ plan:
|
|||||||
name: docker-command-ssh-key-passphrase
|
name: docker-command-ssh-key-passphrase
|
||||||
inputs:
|
inputs:
|
||||||
TestConfig.host:
|
TestConfig.host:
|
||||||
text: 143.198.64.230
|
text: 137.184.58.110
|
||||||
TestConfig.key:
|
TestConfig.key:
|
||||||
secret: ENC[AES256_GCM,data:pXfs6sc+ObCWZC5wHTcOX3PJYh1KLIPeq+CggNIg2LZhUDQdFgUbzn/8Jo6mX2XMhcB3fkg4hzZ1WihnThL+2x6P23gnta6YYqBVhvnC1enmh28XfqGEmDnYjD7eM6ZK41a1Q6VxQ/SfJPL/01KmE0mlB+CAGxJ4BL314p2g05l3Sxnf4cfPU3s4MC+ZJNgumj5LcogMSh6pqP1EJBDgXcL7Eh7lVq5ua38oXXXJc5aq0O9HlN65ZRuwVjmkCLbP34Z2+91XDaKBUBkmzRjuaI20MZfJn+d0gx3cAiYoDxdhjsAa83T2q50CXw9j/HEiSSPRRfNxTcJajLvTnUWJ1Hm2j3D1ptmRikjntwqeDK8BObunvQOebxx3Iqc+iAi32oKF+nSLyBu/CbGagg/TylvZxW2Y1+ZzCz9oSUkTsyHWXV9QCvjV9oiawxiteTEu/ODXmiCNU1tOlyIYT/6dAGFV2M+oaKWwEQ0gDdOO3y7Yf5Om3y6fLbTI2QKy3c0ZZdr/LRIEdMyt4OWn7ivvP4axXiZUkQjDUq+umgXV+lfdOKn+/sQ4wpkeZNe/udSHMs3rV+zEwN33zaLh7bfoUGnBxpXEs8aAU7/8zX/Jz3s=,iv:HkRMWpV/KlEdVdS7rhZXHuF40mks6KPYW4VzB7CvWuw=,tag:K58zcFb+4TgOKUn+4q/8CA==,type:str]
|
secret: ENC[AES256_GCM,data:HqbZ1OQCVoWL596lSbmhO7bRXqDbLdXlx3GJFb33W1C7cTqDWQEvUNOsrvbmJ4BYqTGU5yXnljxWn+6XjtfZE4514obTfmck1hsxThCWulRWweqlnP2bEE2hr9Sl5ao4ng4q1fJpJ9L/gcOwv49P8G47jSG3VHUnf9/b6se464irP8iV/Fd8xF/QqWlDh1q5OnTFyfn4huq369BqQcr2WjCD/uPfSZQ9WyWd7lUtgytG5rXcc9eKZB3+ybRL6LLdBpPEQmPT95do2EBL0JzBHQ6YLju/GDV+ippNVDQMSvQRQeHIv4RIMU8CFSi0j73OoykgJ1BPnvYxwh5RYaEsA4gTVCplllXk/wGjRGbFE7AGBEADylksowAWk4q0d6Q0Rw8QJceWgTxRMXWNGg6+qLmKrGPSMli73fMpDwe2YI6vhTB6UiaCHiedZYqB6nVaDW0QrhmhzCudac23QmZ7gpS2WOdI/uz7C/VwmBw1xWKJOwlHzTk5Edesve+0iiHqYPe48ayMKSsutiadEGcwm5VtlHlEgYrfQwM7dmWLZW/ESERdUPju2ExZG/SCG8SZ4wmlxvqBxBDg2PfgNY9ll+hcG7CHKWSQ3JS1o8faeHo=,iv:wuc6I9GsQ7n91d5o+hiZpQ1QJ0PI0G+TM41sUiPsQg0=,tag:DQAkrYKhIgoathJvIJgivw==,type:str]
|
||||||
TestConfig.keyPassphrase:
|
TestConfig.keyPassphrase:
|
||||||
secret: ENC[AES256_GCM,data:sD67l42Fqx8=,iv:PADCLxwy/eIwDLC0k2NUJYOTTrgFvra0EIKr0HvZpZg=,tag:ei88VxuqVBvz9ZLNhighQg==,type:str]
|
secret: ENC[AES256_GCM,data:+WK0MDRLbEx0xoEk6MQekfNnNF8=,iv:IGd2nsfNEOq0xj+ilFLC3c5AQqANaIod75SW4Y8i4Vc=,tag:HK3bmelnlXc1P2Pe0mX77g==,type:str]
|
||||||
TestConfig.user:
|
TestConfig.user:
|
||||||
text: daggerci
|
text: root
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
@ -25,8 +25,8 @@ sops:
|
|||||||
cW1kbGZveVlkQkJDL2xYbmFRNjZEK0UKrSrOB/RL5lki54j4GUCE2G3CCO/8jpMU
|
cW1kbGZveVlkQkJDL2xYbmFRNjZEK0UKrSrOB/RL5lki54j4GUCE2G3CCO/8jpMU
|
||||||
jfYkl7Yowb7kK3kKSNWORhB4ne3MEeGRZpJC8cvH7zjGvt/YYeU14A==
|
jfYkl7Yowb7kK3kKSNWORhB4ne3MEeGRZpJC8cvH7zjGvt/YYeU14A==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2021-07-08T09:53:07Z"
|
lastmodified: "2022-01-26T22:45:52Z"
|
||||||
mac: ENC[AES256_GCM,data:2mrnKyVpRUwbUq6vpW6sTX/ctyz/mz8sWm6aqkDnWxHGweBTaO8aNWl+n0m83hbXbQOzglCWKiVrUdIln0FCkGgAklOToWo3xyeHOn4kFAQFfYc/k6sbKQw6RdcgQdeOXyqnzUmp9PurU/gGtVHf7c4AoROQEye3iHD+encqcwA=,iv:MTphFxFBHHQuAYNcPb03/5lB4xNCis9JdeXxaHhk9Tw=,tag:wSmiD8dFxtEAcsiBBXT2Rg==,type:str]
|
mac: ENC[AES256_GCM,data:o3am5VpObi632xW3wgw45ykcDZmjFofbbNkSj5mlqHD+F5llLMsVFStKzBJ/8v5XqKsUekRYyTN7wPTbKD4f6WQT4hsupwDxVEIMTFmjThOZQSAj5ia45SRNGyzuaO1ccclBEZzDdEQf3vnLJbOtIFaomVov5hvtijr5cfwUNN4=,iv:RxGI8NY41Xn9ZI7p0u9WcE0suVd/v5ODsTnLsV+ukVY=,tag:lqry0R5RWlvOXvjFiwAMPQ==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
encrypted_suffix: secret
|
encrypted_suffix: secret
|
||||||
version: 3.7.1
|
version: 3.7.1
|
||||||
|
@ -3,13 +3,13 @@ plan:
|
|||||||
name: docker-command-ssh-wrong-key-passphrase
|
name: docker-command-ssh-wrong-key-passphrase
|
||||||
inputs:
|
inputs:
|
||||||
TestConfig.host:
|
TestConfig.host:
|
||||||
text: 143.198.64.230
|
text: 137.184.58.110
|
||||||
TestConfig.key:
|
TestConfig.key:
|
||||||
secret: ENC[AES256_GCM,data:dbIEUHadOTOdPrmMAgyLGMdIY+FuyWZvv4mRyjr+BbLZavl7/fH6abiQFpPY0x3960iqPB+wEM6wG+VPDivHTj1QRVMGPIV8ZGrfeR/mfeDuaKXDttkWgRN8vyHOZ+oKnI22913tvK59gNbJX8fR0wPfqOCEWbzy+bRBh/bVH//CMwCoSU+v2rZwAqOnGyXCyeGbp+wo5xMufv+Dosgb4uhFk1CPQJfKfBJVMf1EJS0e9/P8GS5UUjevR9eeRnCJ7kdHu26b3lwAHhPWv72O/yuOIKItrgMkSuHz2H2BFdgt5xq/h/SfrONMwymg8+oEiuS3n1C8ZBv8I4RE5XF6GX/xWb9dZJLctbi6oBELtvKXhswnB0PWSK1OXMgrJ5yYFeBPpaBptRBxl0AJhOG92K6xM9O0cRxAT+vtz0zvJ7gIQDZtngcTTS+IMN6Kgmx4daW5x14FbRJRGKKqU+PHeUW2XpN70IwkWXZfLs445O9w8teayPUu3KePZJo8eLkVpWJIyVUnrk/5VIREV8EYZzRFUwTtwYSTefGycPfjz2L01xQR0fn55DxJpcLpCLqjGRhWHQE6Wn4j6aXyzbOXHMIYgw+Rx1egjszdKzgCWaA=,iv:CZyN1UCE0nI2/ch5O7kerfYBbCgoJX+dPvh5dRO3cxc=,tag:hwBmnOdC8Na0dwyUCU3QDw==,type:str]
|
secret: ENC[AES256_GCM,data:9H5WgztxyzMQPtXFvCOdjTDx9XXoGmF2C+Ml9GD51EDCMMSgmMSGnHn1R4iB3fF8phkKqI8izvPf1yJxuAJVy7RuY0SvysSGSUKncwNM7tZ0Ca/ItZx9rcQfViE44sN0Bhy5PtiEP/CfyCYzQfytjZL1AvnXLktKwuwtXOFPR9CgUtBCU3pgXlAfu23Yiko4L0RjzTVqai+T7BC5tjQXLVG3CzQexj7eo/QsrQoM3PZMWlANg8xSnjQabkfjmREN6TcCM1YsLNLEnBOZwbh3qpBuoDBmoc8WLQlNWALh4kRZgyMwvNlXRMK4I+BZ/GSo4gRvAHXEtDNbCPNINcOb3/j3yPnxNvBdLR4fSfHInvrgM4fcPmgMaJOMhFhR6i+f+La/JnNmwTSPnISh7p8gDsBRbRxZoTlCjGf9v30Bg9KQqSsFu5vsmnAB8+dbnqiyaPyz4TuoRPA0rnx0JQDIDbX1cntFV2o/HVQlPLpcNx2mSoFiAKpapjowOkcCghTFWP+unRdubCr9wVEzmkRkQHgvIsOwzQjPBGX+bQF9vCf+8HZ/qBWxFaQMHTpIWAMXUTf2QNawvZQkj2RWoh7zG5cD3y8JTEUCD+2eUXedx3k=,iv:9nBZTTbL/mvR/Sy9W+ozDWeoEfrGYxtm1wxIbx53HqY=,tag:KbOHlBNJlMZgpUi9AEbKSA==,type:str]
|
||||||
TestConfig.keyPassphrase:
|
TestConfig.keyPassphrase:
|
||||||
secret: ENC[AES256_GCM,data:RZK8tx7PZaYtmg==,iv:yFXA8CROxAbrhz/i3PQHeqCFh4rMo+GHITpVxfAOkdo=,tag:Ep1J0nazTcc8EjHP6GbwAQ==,type:str]
|
secret: ENC[AES256_GCM,data:1VJ0/g==,iv:4zm6VTnb29Sb/a+FXQ0vqF79vjbjVTdmHMNdgftjV7M=,tag:E5D/qDpFY5cTRhWKvp3YCQ==,type:str]
|
||||||
TestConfig.user:
|
TestConfig.user:
|
||||||
text: daggerci
|
text: root
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
@ -25,8 +25,8 @@ sops:
|
|||||||
R2tNU2JJWHFQTmhnUDd6eE13UUhQazgK+OQ50Q3+S5Fn2Y132ZeDrgUKWPcAk+et
|
R2tNU2JJWHFQTmhnUDd6eE13UUhQazgK+OQ50Q3+S5Fn2Y132ZeDrgUKWPcAk+et
|
||||||
q8ppfZiPOtH4p6MwboSuh/vaTAAsxks7ctnqnU1pY+EHfnp8bHYHgQ==
|
q8ppfZiPOtH4p6MwboSuh/vaTAAsxks7ctnqnU1pY+EHfnp8bHYHgQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2021-07-08T09:53:20Z"
|
lastmodified: "2022-01-26T22:46:36Z"
|
||||||
mac: ENC[AES256_GCM,data:TDPIryvA+UdjGBuKPE5/OIdC8fv20/AA1EVuG1lspq069VaB4A+6esndMhiuA8cBNalpOSPRZXfT1dzI/xxmir161kpgHJbofU8K8APAWohBrNcOgMIbZApcpmGn1oVS2emkGNmARsJq7WSEKI1iRSRTHrvJFrs5Jvx293w476Q=,iv:GM66eqUNVEF2x5cFGyc7QhSaw1m+qCYuLCZvBEMD+Wg=,tag:NTVaLL5E5/t9XpxDJeU/Bg==,type:str]
|
mac: ENC[AES256_GCM,data:Bc7LmOx1lEb4K+BszbT35YClp+C4euJaZzzHkEYqxXRT/+CErRYH7vChk+6ewfMP/NZzg4lfuCK2mGfl4c3yB251sjEv0hvMqkLn4lCDBSnAkIO4EnpbGPvHNctB/GY3XrXFNM/AQ4Ez2mNUDchuJAQkw3FmOkMsP2jE7ZIDf0Y=,iv:x7J0gtt1WwWzMFgaTuMYQuOlNM9MgzUjMIQ+P9ibbIM=,tag:fKOf/x9XsIFixWg1RaN00w==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
encrypted_suffix: secret
|
encrypted_suffix: secret
|
||||||
version: 3.7.1
|
version: 3.7.1
|
||||||
|
@ -3,11 +3,11 @@ plan:
|
|||||||
name: docker-command-ssh
|
name: docker-command-ssh
|
||||||
inputs:
|
inputs:
|
||||||
TestConfig.host:
|
TestConfig.host:
|
||||||
text: 143.198.64.230
|
text: 137.184.58.110
|
||||||
TestConfig.key:
|
TestConfig.key:
|
||||||
secret: ENC[AES256_GCM,data:gb2yFGdX3oqjPpQmqn3gr0hqLAHMFBhzLEHI5Bi+VN5Op/SCSjfA5yEC0Olb/Brzssjp0i6PIPBPPwW+Pj/gDuSR6CqzGlAkF1Pz/Ks6R0zqWkcR0gFImXrfRzeflgpGagPBgPsRBtPcoY7WqJQ1Lue46cJe7OTNPRT+X9oDek7mk9ZiIpJCUQQVN0+alWStOPYuTjRlqcSfao+B6hnC2fMtcCWpVxz9Sj8UpSwX4EHLU5GsHr8ioD+BP7BCPlhP/aSKu1iwMaiMo6zRn6V+GtSGX4JrwN53CYSjGxi1g9RiFMCFxcWsDVA+hCnzAdzO3pMEmTL5xHZ9MoMLbOwEhN3Rnh+HX61uTq2DRfqGhKGtjXjcewOxb0NezGCj93Y0ov2TtBBo7wjYEi0AmI3ljCwoq9EDRYKg1a/w79FpGVpqoomd4XrJYbqP0SnHO0ZrsSLqKmqdIoDYbfxR7zprQQsN0ENOdDVf9WdTnHSJMSC5MTmyqAOogKZN1nNzW5LJQ2i0JUt1jl322RzdQ+brBLWiohVfenCy/23l,iv:gceSEfG6Eu2Pc9+JZpH0CLITNVnYFyN21drPneu15wk=,tag:zmYtioa5LTPZrSeFNmaBvg==,type:str]
|
secret: ENC[AES256_GCM,data:y+EideEd0sTJ4FF0L8neepRT79T8GtE95dGNywkkG9EV6G81ewwyfkAQsF0Lgdtf/Lziqa/v/8xBQJwnfjTAqFi+qHPYvKjXAqgUyfeHSPTvHWudL4ELHcIu/4YvvUYOu5oaOSxeeb8qElZ2id9GyFBV2cJVywfHBagAdGuejnVKfHSMyZLc6Dxdpa+QZt8srPv4ZPnJUN6s7tOC0IgDESsRBFSgSE5ld4smb84QbP1bfNzSPW1Jq+vo1EmoTJgMjsOkjSDfXC0+rLdpHf958ZPLZuM5L86hx8BHauQZ1v3qNXChPNFbEbhEO7yrFAWlXc2GqvDrhAJlTYo+Xl6NPpE3cixcwgFtwEc3EHln4AaRxs9UZnx8s8qZ7Ys4iGU9nWdnWYIdPTxtcFjU7hdTcSYxCfDZMLYozT/9cyKaOUtI3TW3+bEgXUu6Zn6ABpcIZjf6ZjjfPXtS0cpKd7wCWMXGgPozO+PayFgJndJJteEDQb55r5oSaLbajpmrlrRNOXxJsGNhTBke9PSdJ3DGCS6iYigDsQ7S3mYW,iv:jKm2y1zzH2kvPkuDnJRNa8l05Nwbc9bf3IPKhMwRdVM=,tag:xDevSihBxMI4eOTb2iGREA==,type:str]
|
||||||
TestConfig.user:
|
TestConfig.user:
|
||||||
text: daggerci
|
text: root
|
||||||
TestPassword:
|
TestPassword:
|
||||||
secret: ENC[AES256_GCM,data:8G7Cgw==,iv:+hlWzOxy4H9OYwP0x+7LIMFhQoebmP3yUGRuhPSGGgI=,tag:i+dHE+W2zud5xGvWL5PxVg==,type:str]
|
secret: ENC[AES256_GCM,data:8G7Cgw==,iv:+hlWzOxy4H9OYwP0x+7LIMFhQoebmP3yUGRuhPSGGgI=,tag:i+dHE+W2zud5xGvWL5PxVg==,type:str]
|
||||||
sops:
|
sops:
|
||||||
@ -25,8 +25,8 @@ sops:
|
|||||||
UEpoZy9HZUlHOVV3M05OSkZQS1l6aXcK3NfBITvd6la6nkcIzqH69xfv9RR0Jm7x
|
UEpoZy9HZUlHOVV3M05OSkZQS1l6aXcK3NfBITvd6la6nkcIzqH69xfv9RR0Jm7x
|
||||||
vU5FvGROK3Z0ZR8NNXAtNH6VQQ21TDD2MOXWOVvjnIAAOVNEyc1amA==
|
vU5FvGROK3Z0ZR8NNXAtNH6VQQ21TDD2MOXWOVvjnIAAOVNEyc1amA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2021-12-03T17:55:10Z"
|
lastmodified: "2022-01-26T21:13:07Z"
|
||||||
mac: ENC[AES256_GCM,data:phVOMaY+57UEzTDQ9Vf1jdcesonG0s44qXVyfFrM2xuRTDffdgmR8uzboSQ5S+5u4fg//nz17oE9qaLe1ST1X5SekZm1z4KCK7Z29bqYvrywOTlmeBpQ9vDOGjY+BBnMnWNjLrC0bQ5bfVG1c1V0PxDuvey4EoFqplecENlEVQ8=,iv:kk/X/R7cFvaLaa4YHvIUOE4VGqdxFFmtxEspP1Uzp74=,tag:XrvWLPb5w7417T8LeiGCkg==,type:str]
|
mac: ENC[AES256_GCM,data:QHSy5Vryhe3G4OS6GRs0t24VuG2HKbka+WuC03CKTOaHlpE9K1l0kuXtFpEzGGxmYs8FKUW2Gb+K3HSP6L/w3T0D0jY9fvSMrX7anQUCzIqRlzxQiQ+ZYueeV9Nr8hF78QfN8Ix+vY03u7KaAWzc0+yHtxRsDAPGjArvrG4+vBs=,iv:ni2u3M1EUsz3wndefGxdhX4Q/KwcZ+FZaFgKhRep22w=,tag:LC3KBS+ijbn01HzSyySQDw==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
encrypted_suffix: secret
|
encrypted_suffix: secret
|
||||||
version: 3.7.1
|
version: 3.7.1
|
||||||
|
@ -3,9 +3,9 @@ plan:
|
|||||||
name: docker-compose
|
name: docker-compose
|
||||||
inputs:
|
inputs:
|
||||||
TestSSH.host:
|
TestSSH.host:
|
||||||
text: 143.198.64.230
|
text: 137.184.58.110
|
||||||
TestSSH.key:
|
TestSSH.key:
|
||||||
secret: ENC[AES256_GCM,data:8heZn3UqcB0aV9XAn9uLx9gBcTqbmfNX7voBpYCNCGaX1nustSzKhbR29dxAoETIdfSFPetX2s4cCYbPTqFc6KTyRvfdmI8tXvb5+lin/CkdQJy7cR+RiynLEfbs32EPQilaph+kyGyGBAWAme49g8U2om/QObxCSes+Zn8ihfv7lBkLEj8hen2OC7YwIqjs9V8ozNCJ0zsk+NIk5LkryXdWTaYvgGHOmO/NuWz411L/pF1HieOV1L4Fe6E5hsUun0kVny8GxXQSbVCKle9A9TxD2bs+IBVNAUZVTsrjZYyTjYlNNgTaOqPASS5VDrOtR8csrGJ6GyGxtGrtRdhaoXYQA1zfA7uMfSMNlCwk3VB70P60s0U9tKr3HnRFX6rQdKcUwR2a1zbJ8UmHPy9apsM+tc+m/CAb8dkdu6UyiwvBK+kyPDyBVz4rwyhmtiB7cjw9vXYWX3hbZcE0e3RR4Upqw5NkIIlLfNH7T1fPDmVmIlXQk0wKIZJ//dwdJZyrraA+RRtG5b3PECSojIN3x57LnHdIXfp5drHK,iv:xqGFk9QgC6YwqFODSLRwShf+SMyY4PmtfWt5neHwfSY=,tag:vVZtGty5ehLvYzd8H0+Xsw==,type:str]
|
secret: ENC[AES256_GCM,data:Q3rJqH6p2t315up5R0XjPFy8fastZ3nEes4ZGFCIZhI/ULo+4PCMeVubJJ30mJcseMMRj8EA89PrKmQeualQNWYEB3ytNi/OZwvXmCGKmnmAwAg9jGBskWGvyh7s5tztWF9DVTFqhK3lQV5wF9PNrTVBbHRrDWWO5AQVIFakDsMCbSB5Tmvjo0QYqq2DBBEK8k3aH34srn1f2no1ih8DidP3o9VqvSl7t0US+okT7B3V+v0N0B0/kRQrtgfv5WXx10TUWAxySRmLofIsWPH2EXjzdFEo5S4tk8I2nxGMPladNzuMe4LX+er2uqf7iE578K+XoVePq2Bdn6yBeqK3votaFT+D6qC0e112IW8a1nHxX2taKCCY11EKr18ZWvj0YYwjvca/tdqjzSq+SqSEaLiNtrrPINriER76SNzxZcTBTBY1lYA3IYhNzF67DQBh9di+beh5Lyb6nOV77zLXm7K8l7dlYSm6piAHyJZt/LZwgQFDAVv/F6x8zqLPclXJodR+z5yrHhtHFlqCCTNpp1trL6wXaOl3MNxo,iv:GXOAMgvBnyedRMG2izQBPDxjdsjkJ9FUi1BQJeRFoBw=,tag:FJtPBv+q5hGfcR3gTmEIPg==,type:str]
|
||||||
TestSSH.user:
|
TestSSH.user:
|
||||||
text: root
|
text: root
|
||||||
repo:
|
repo:
|
||||||
@ -26,8 +26,8 @@ sops:
|
|||||||
bEY3N3ZLTFpUNzZVWVBOK3VNRk9hWlUKd9db3j7FqFW4t7TxFyzudKDPTVqr66v2
|
bEY3N3ZLTFpUNzZVWVBOK3VNRk9hWlUKd9db3j7FqFW4t7TxFyzudKDPTVqr66v2
|
||||||
KqedhRYCjF4ZozN0H++xQPH24RBRnwc6Uq0Vm38UYv1ozDN2L/l5DA==
|
KqedhRYCjF4ZozN0H++xQPH24RBRnwc6Uq0Vm38UYv1ozDN2L/l5DA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2021-07-08T10:08:56Z"
|
lastmodified: "2022-01-26T16:47:21Z"
|
||||||
mac: ENC[AES256_GCM,data:UBPicypRIVOPVTYU3W1Erw18k0xuAAYkPUSFP+4VSHwYo1vfcUjCQdJwUv8cQdJSPkdx428s7Hq7jRK7yLc3tidzxsI/ad8bIobIIX62bTGVfVl7PRQ53XuO1Ggg7oZpwijx8l8Cl4WgVjivI4bV9RISrgATFzoEjH1w94s94aA=,iv:KgdsHR6VKeSwSQ+yjm3rLKTzN2BfCaJpHYZO3uMYOqU=,tag:cU6o3+uTelHcHeR0mqpvrw==,type:str]
|
mac: ENC[AES256_GCM,data:tpXsVPpzLBMF5ytMumpl3D/lbxMCy9CLhFkJ8xFYwUmoCKIxWHAyXBcUO4Yn3B4NVrShnAXm5U6ctQYBNLQh7sMAuakeOzlDU9E3sK+drFlwW5iuddCH5ksjCPKNIdOKt7+i6O+984iJs1xHLNdsOsyB0bH814RFBLACSv+gHls=,iv:KL9W6YS5T864wGOS4ONdHTOASmDBZerL6TaaBf7zrQI=,tag:x5/Lr7OovvbaWQoMWx7z5Q==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
encrypted_suffix: secret
|
encrypted_suffix: secret
|
||||||
version: 3.7.1
|
version: 3.7.1
|
||||||
|
@ -3,9 +3,9 @@ plan:
|
|||||||
name: docker-run-ssh
|
name: docker-run-ssh
|
||||||
inputs:
|
inputs:
|
||||||
TestConfig.host:
|
TestConfig.host:
|
||||||
text: 143.198.64.230
|
text: 137.184.58.110
|
||||||
TestConfig.key:
|
TestConfig.key:
|
||||||
secret: ENC[AES256_GCM,data:ewAmTZ7rBhcnl+Gq/OtDHepSypeSWcJU7D2KURc8usPLetdzFB7+3XTgLWmrKS/CUdHdTY1ND2CtviekLZOgfZpOEy1WpyJsVOukivTOcZOH474EguEd8LD9Ka91CiYuyv5gCKQX5QKG1OZ8tS81Nmou7o2gM9J++1HK2YzlPSUUglY5v0oeV+TQNRzSbim+5Xis7W8UoBBZKmw6hbVbyaCJl0eHhpRiBZuOH7/Q2nPwkdAmh75O35V/aBrrfUFNp5CT4OdyR/IrfnzY+Du9v+GpkRnCILFCiHJzd1as5ueVXmCbydNtVTWzhDnkQzJj9q780z9W/2YFMOp6I/cpHNlxBq9gXC3ogcHM34N6VcbVHC9gSHGNcOufuDUOXimbgboLNta9Icosj7GQNAq8hTbV0mbS6P+fYtUnDQMo177pjRPAHVNXpkQnuXb0jhPi2+MgdaywbXydcmD8F/WsWzqRxi3piL+W9QRn3+CzpI/z00svzJPUI6bRuC7gkfJUjUnyOyP+x5RMXzA8aoj1ufHzZS/nB3XesUS/,iv:gfYm2yjbr4IrAoRhPS9jbn2HwfQEhos2Xz4ghNkb0/k=,tag:lUGS4KBVczyzwu+Hp3ehXw==,type:str]
|
secret: ENC[AES256_GCM,data:wC1a/5dJY1wwfIakJS0o1NYquljhdC+TnG31JGCh8o5SXn7oHflD6bbsgb4iKp7Mr5/4rmVeeucSmK+KifdMwXOjsd73EgEUUIRFDfd1D1atO/OivNsvIFYNA+E68nVM8m4FLVnwxaEQBJ/ZbhUzyU18KwU19dQsvI5PvbNS8Q4Psv3684kZvUXJCu+lHyKu+xe4/r91ljbz+G8N+XCHR7Cw//VEWM2MGp20dMEgPWUEJnjcBleqXug3SQamz2R6wKw89AP36k+IEq+uf9KwFhOHGvqCHShdFmJa0HXfPT9Yy7cGGOqPFYH+oWcUefiq6RlenJlryJGwt/MqCHKuMRi1vUnqpQCpBv+rTsAEHLJERl9ReMHuWAxikAptORnVoNf2cmxqqhwt+2P+yjz74PtpSzL5Clp45AuCABlYJmeHchi5cLQU23Sc48BTfAQLU89WdjCxnQnlY7wgdYpFRZ8oxvl6UjLNwBUUDfsQj9cQdalxeQ5cIP1lXL3Mq1OcDL5qc0mS4Ni0lB2j4r08zdb7LIkjBtQGTUs2,iv:M0SpPKJJ04Mysr0ljT/1KCjlNsDTXqcfbFEqK/AuyOk=,tag:BgLREx5+12R/UlJ0KJTvkw==,type:str]
|
||||||
TestConfig.user:
|
TestConfig.user:
|
||||||
text: root
|
text: root
|
||||||
sops:
|
sops:
|
||||||
@ -23,8 +23,8 @@ sops:
|
|||||||
cnh2eHU5TzFjVkNvTzUyczFBL0pwTDQK60+wrLmTaD3Ws5ZAXdqBkMjaVP7Iz69k
|
cnh2eHU5TzFjVkNvTzUyczFBL0pwTDQK60+wrLmTaD3Ws5ZAXdqBkMjaVP7Iz69k
|
||||||
UrkqkMbaUlvvSKK7dB5MuTGEEN6A1viAGal9ZjDHlSobkNPuE24QEA==
|
UrkqkMbaUlvvSKK7dB5MuTGEEN6A1viAGal9ZjDHlSobkNPuE24QEA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2021-07-08T09:54:24Z"
|
lastmodified: "2022-01-26T21:17:03Z"
|
||||||
mac: ENC[AES256_GCM,data:zp50aXIr5Px5LfDjB8kr1+/iR1vf9XD9TRuM36sdyeg6/BsIuP1t82FxCdryY1gb9YFO4V6kuZvdKQdAMSLMHI40be6QqrDv71hbwL8L0rtv2hAMWyRHjPSkBa/FfI00WiQESkHA0/0eU2FLEdPiqftwFjOwNolrHmcPIGyW06Y=,iv:2jRjpNombBsOwJzA/odGjVdqrDoLKVuGzTBxMkbF364=,tag:IbfNbR61eCddcURMPPbnWA==,type:str]
|
mac: ENC[AES256_GCM,data:/rE7qmq3UW9UdZta+Um6i5kErbmosTAVkt9+nKZSESX4WiV9eRYqcjJYfI45JymFX7B74n8TOLDW5v1jk5EejR94L7R0TB6gAs0kDdN2JNlaxcmfRkT+vzs9eq9DU7Ts+5XGLlZ26R1NDCHFBiJSb2BhGmUWelNhaHqZ6Z0WvIg=,iv:uXL6WNAd2O2sgKoraBXaxh8z71+z8I5WKYcuRXDiY8I=,tag:qJtcCesIgBPVxzwqFxg8ZQ==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
encrypted_suffix: secret
|
encrypted_suffix: secret
|
||||||
version: 3.7.1
|
version: 3.7.1
|
||||||
|
@ -109,7 +109,7 @@ import (
|
|||||||
echo "$FINGERPRINT" >> "$HOME"/.ssh/known_hosts
|
echo "$FINGERPRINT" >> "$HOME"/.ssh/known_hosts
|
||||||
else
|
else
|
||||||
# Add host to known hosts
|
# Add host to known hosts
|
||||||
ssh -i /key -o "UserKnownHostsFile "$HOME"/.ssh/known_hosts" -o "StrictHostKeyChecking accept-new" -p "$DOCKER_PORT" "$DOCKER_USERNAME"@"$DOCKER_HOSTNAME" /bin/true > /dev/null 2>&1
|
ssh -i /key -o "UserKnownHostsFile "$HOME"/.ssh/known_hosts" -o "StrictHostKeyChecking accept-new" -p "$DOCKER_PORT" "$DOCKER_USERNAME"@"$DOCKER_HOSTNAME" true > /dev/null 2>&1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
Reference in New Issue
Block a user