engine.#Build: support auth
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
This commit is contained in:
parent
2467fb1920
commit
7d40e79366
@ -3,10 +3,10 @@ package task
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"cuelang.org/go/cue"
|
|
||||||
bkplatforms "github.com/containerd/containerd/platforms"
|
bkplatforms "github.com/containerd/containerd/platforms"
|
||||||
"github.com/moby/buildkit/client/llb"
|
"github.com/moby/buildkit/client/llb"
|
||||||
"github.com/moby/buildkit/exporter/containerimage/exptypes"
|
"github.com/moby/buildkit/exporter/containerimage/exptypes"
|
||||||
@ -14,6 +14,7 @@ import (
|
|||||||
"github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb"
|
"github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb"
|
||||||
bkgw "github.com/moby/buildkit/frontend/gateway/client"
|
bkgw "github.com/moby/buildkit/frontend/gateway/client"
|
||||||
bkpb "github.com/moby/buildkit/solver/pb"
|
bkpb "github.com/moby/buildkit/solver/pb"
|
||||||
|
"github.com/rs/zerolog/log"
|
||||||
|
|
||||||
"go.dagger.io/dagger/compiler"
|
"go.dagger.io/dagger/compiler"
|
||||||
"go.dagger.io/dagger/plancontext"
|
"go.dagger.io/dagger/plancontext"
|
||||||
@ -42,7 +43,17 @@ func (t *buildTask) Run(ctx context.Context, pctx *plancontext.Context, s solver
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (t *buildTask) dockerfile(ctx context.Context, pctx *plancontext.Context, s solver.Solver, v *compiler.Value) (*compiler.Value, error) {
|
func (t *buildTask) dockerfile(ctx context.Context, pctx *plancontext.Context, s solver.Solver, v *compiler.Value) (*compiler.Value, error) {
|
||||||
// FIXME: support auth
|
lg := log.Ctx(ctx)
|
||||||
|
|
||||||
|
// Read auth info
|
||||||
|
auth, err := decodeAuthValue(pctx, v.Lookup("auth"))
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
for _, a := range auth {
|
||||||
|
s.AddCredentials(a.Target, a.Username, a.Secret.PlainText())
|
||||||
|
lg.Debug().Str("target", a.Target).Msg("add target credentials")
|
||||||
|
}
|
||||||
|
|
||||||
source, err := pctx.FS.FromValue(v.Lookup("source"))
|
source, err := pctx.FS.FromValue(v.Lookup("source"))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -104,23 +115,20 @@ func (t *buildTask) dockerfile(ctx context.Context, pctx *plancontext.Context, s
|
|||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
out := compiler.NewValue()
|
// Image metadata
|
||||||
if err := out.FillPath(cue.ParsePath("output"), pctx.FS.New(ref).MarshalCUE()); err != nil {
|
meta, ok := res.Metadata[exptypes.ExporterImageConfigKey]
|
||||||
return nil, err
|
if !ok {
|
||||||
|
return nil, errors.New("build returned no image config")
|
||||||
}
|
}
|
||||||
|
|
||||||
// Load image metadata
|
|
||||||
if meta, ok := res.Metadata[exptypes.ExporterImageConfigKey]; ok {
|
|
||||||
var image dockerfile2llb.Image
|
var image dockerfile2llb.Image
|
||||||
if err := json.Unmarshal(meta, &image); err != nil {
|
if err := json.Unmarshal(meta, &image); err != nil {
|
||||||
return nil, fmt.Errorf("failed to unmarshal image config: %w", err)
|
return nil, fmt.Errorf("failed to unmarshal image config: %w", err)
|
||||||
}
|
}
|
||||||
if err := out.FillPath(cue.ParsePath("config"), image.Config); err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return out, nil
|
return compiler.NewValue().FillFields(map[string]interface{}{
|
||||||
|
"output": pctx.FS.New(ref).MarshalCUE(),
|
||||||
|
"config": image.Config,
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func (t *buildTask) dockerBuildOpts(v *compiler.Value, pctx *plancontext.Context) (map[string]string, error) {
|
func (t *buildTask) dockerBuildOpts(v *compiler.Value, pctx *plancontext.Context) (map[string]string, error) {
|
||||||
|
@ -83,6 +83,14 @@ package engine
|
|||||||
contents: string
|
contents: string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Authentication
|
||||||
|
auth: [...{
|
||||||
|
target: string
|
||||||
|
username: string
|
||||||
|
secret: string | #Secret
|
||||||
|
}]
|
||||||
|
|
||||||
|
// FIXME: options ported from op.#DockerBuild
|
||||||
platforms: [...string]
|
platforms: [...string]
|
||||||
target: string
|
target: string
|
||||||
buildArg: [string]: string
|
buildArg: [string]: string
|
||||||
|
@ -85,4 +85,6 @@ setup() {
|
|||||||
"$DAGGER" --europa up ./image_config.cue
|
"$DAGGER" --europa up ./image_config.cue
|
||||||
"$DAGGER" --europa up ./labels.cue
|
"$DAGGER" --europa up ./labels.cue
|
||||||
"$DAGGER" --europa up ./platform.cue
|
"$DAGGER" --europa up ./platform.cue
|
||||||
|
|
||||||
|
"$DAGGER" --europa up ./build_auth.cue
|
||||||
}
|
}
|
||||||
|
24
tests/tasks/build/build_auth.cue
Normal file
24
tests/tasks/build/build_auth.cue
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
package testing
|
||||||
|
|
||||||
|
import (
|
||||||
|
"alpha.dagger.io/europa/dagger/engine"
|
||||||
|
)
|
||||||
|
|
||||||
|
engine.#Plan & {
|
||||||
|
inputs: {
|
||||||
|
directories: testdata: path: "./testdata"
|
||||||
|
secrets: dockerHubToken: envvar: "DOCKERHUB_TOKEN"
|
||||||
|
}
|
||||||
|
|
||||||
|
actions: build: engine.#Build & {
|
||||||
|
source: inputs.directories.testdata.contents
|
||||||
|
auth: [{
|
||||||
|
target: "daggerio/ci-test:private-pull"
|
||||||
|
username: "daggertest"
|
||||||
|
secret: inputs.secrets.dockerHubToken.contents
|
||||||
|
}]
|
||||||
|
dockerfile: contents: """
|
||||||
|
FROM daggerio/ci-test:private-pull@sha256:c74f1b1166784193ea6c8f9440263b9be6cae07dfe35e32a5df7a31358ac2060
|
||||||
|
"""
|
||||||
|
}
|
||||||
|
}
|
Reference in New Issue
Block a user