Migrate dagger.#Secret and dagger.#Stream to new format

- Refactored to keep every transformation of built-in types (e.g. FS,
  Secret, etc) to/from CUE in the same place (plancontext)
- dagger.#Service and dagger.#Secret are now following the new FS-like format
  (e.g. `_service: id: string`)
- Backward compatibility
- dagger.#Stream is now an alias for dagger.#Service

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>

environment/pipeline.go

@@ -270,16 +270,11 @@ func (p *Pipeline) doOp(ctx context.Context, op *compiler.Value, st llb.State) (
 	// dagger.#FS forward compat
 	// FIXME: remove this
 	if isFS(op) {
-		id, err := op.LookupPath(fsIDPath).String()
+		fs, err := p.pctx.FS.FromValue(op)
 		if err != nil {
-			return st, err
+			return st, nil
 		}
-
-		fs := p.pctx.FS.Get(plancontext.ContextKey(id))
-		if fs == nil {
-			return st, fmt.Errorf("fs %q not found", id)
-		}
-		return fs.Result.ToState()
+		return fs.Result().ToState()
 	}
 
 	do, err := op.Lookup("do").String()
@@ -595,30 +590,26 @@ func (p *Pipeline) mount(ctx context.Context, dest string, mnt *compiler.Value)
 
 	// eg. mount: "/foo": secret: mysecret
 	if secret := mnt.Lookup("secret"); secret.Exists() {
-		id, err := getSecretID(secret)
+		s, err := p.pctx.Secrets.FromValue(secret)
 		if err != nil {
 			return nil, err
 		}
 
 		return llb.AddSecret(dest,
-			llb.SecretID(id),
+			llb.SecretID(s.ID()),
 			llb.SecretFileOpt(0, 0, 0400), // uid, gid, mask)
 		), nil
 	}
 
 	// eg. mount: "/var/run/docker.sock": stream: mystream
 	if stream := mnt.Lookup("stream"); stream.Exists() {
-		if !stream.HasAttr("stream") {
-			return nil, fmt.Errorf("invalid stream %q: not a stream", stream.Path().String())
-		}
-
-		id, err := stream.Lookup("id").String()
+		s, err := p.pctx.Services.FromValue(stream)
 		if err != nil {
-			return nil, fmt.Errorf("invalid stream %q: %w", stream.Path().String(), err)
+			return nil, err
 		}
 
 		return llb.AddSSHSocket(
-			llb.SSHID(id),
+			llb.SSHID(s.ID()),
 			llb.SSHSocketTarget(dest),
 		), nil
 	}
@@ -761,15 +752,11 @@ func parseStringOrSecret(pctx *plancontext.Context, v *compiler.Value) (string,
 	}
 
 	// If we get here, it's a secret
-	id, err := getSecretID(v)
+	secret, err := pctx.Secrets.FromValue(v)
 	if err != nil {
 		return "", err
 	}
-	secret := pctx.Secrets.Get(plancontext.ContextKey(id))
-	if secret == nil {
-		return "", fmt.Errorf("secret %s not found", id)
-	}
-	return secret.PlainText, nil
+	return secret.PlainText(), nil
 }
 
 func (p *Pipeline) Load(ctx context.Context, op *compiler.Value, st llb.State) (llb.State, error) {
@@ -973,21 +960,6 @@ func (p *Pipeline) SaveImage(ctx context.Context, op *compiler.Value, st llb.Sta
 	), nil
 }
 
-func getSecretID(secretField *compiler.Value) (string, error) {
-	if !secretField.HasAttr("secret") {
-		return "", fmt.Errorf("invalid secret %q: not a secret", secretField.Path().String())
-	}
-	idValue := secretField.Lookup("id")
-	if !idValue.Exists() {
-		return "", fmt.Errorf("invalid secret %q: no id field", secretField.Path().String())
-	}
-	id, err := idValue.String()
-	if err != nil {
-		return "", fmt.Errorf("invalid secret id: %w", err)
-	}
-	return id, nil
-}
-
 func (p *Pipeline) FetchGit(ctx context.Context, op *compiler.Value, st llb.State) (llb.State, error) {
 	remote, err := op.Lookup("remote").String()
 	if err != nil {
@@ -1017,18 +989,18 @@ func (p *Pipeline) FetchGit(ctx context.Context, op *compiler.Value, st llb.Stat
 	}
 	// Secret
 	if authToken := op.Lookup("authToken"); authToken.Exists() {
-		id, err := getSecretID(authToken)
+		authTokenSecret, err := p.pctx.Secrets.FromValue(authToken)
 		if err != nil {
 			return st, err
 		}
-		gitOpts = append(gitOpts, llb.AuthTokenSecret(id))
+		gitOpts = append(gitOpts, llb.AuthTokenSecret(authTokenSecret.ID()))
 	}
 	if authHeader := op.Lookup("authHeader"); authHeader.Exists() {
-		id, err := getSecretID(authHeader)
+		authHeaderSecret, err := p.pctx.Secrets.FromValue(authHeader)
 		if err != nil {
 			return st, err
 		}
-		gitOpts = append(gitOpts, llb.AuthHeaderSecret(id))
+		gitOpts = append(gitOpts, llb.AuthHeaderSecret(authHeaderSecret.ID()))
 	}
 
 	gitOpts = append(gitOpts, llb.WithCustomName(p.vertexNamef("FetchGit %s@%s", remoteRedacted, ref)))