engine.#Build: support auth

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
This commit is contained in:
Andrea Luzzardi 2021-12-21 14:16:33 +01:00 committed by Sam Alba
parent 2467fb1920
commit 7d40e79366
4 changed files with 59 additions and 17 deletions

View File

@ -3,10 +3,10 @@ package task
import ( import (
"context" "context"
"encoding/json" "encoding/json"
"errors"
"fmt" "fmt"
"strings" "strings"
"cuelang.org/go/cue"
bkplatforms "github.com/containerd/containerd/platforms" bkplatforms "github.com/containerd/containerd/platforms"
"github.com/moby/buildkit/client/llb" "github.com/moby/buildkit/client/llb"
"github.com/moby/buildkit/exporter/containerimage/exptypes" "github.com/moby/buildkit/exporter/containerimage/exptypes"
@ -14,6 +14,7 @@ import (
"github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb" "github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb"
bkgw "github.com/moby/buildkit/frontend/gateway/client" bkgw "github.com/moby/buildkit/frontend/gateway/client"
bkpb "github.com/moby/buildkit/solver/pb" bkpb "github.com/moby/buildkit/solver/pb"
"github.com/rs/zerolog/log"
"go.dagger.io/dagger/compiler" "go.dagger.io/dagger/compiler"
"go.dagger.io/dagger/plancontext" "go.dagger.io/dagger/plancontext"
@ -42,7 +43,17 @@ func (t *buildTask) Run(ctx context.Context, pctx *plancontext.Context, s solver
} }
func (t *buildTask) dockerfile(ctx context.Context, pctx *plancontext.Context, s solver.Solver, v *compiler.Value) (*compiler.Value, error) { func (t *buildTask) dockerfile(ctx context.Context, pctx *plancontext.Context, s solver.Solver, v *compiler.Value) (*compiler.Value, error) {
// FIXME: support auth lg := log.Ctx(ctx)
// Read auth info
auth, err := decodeAuthValue(pctx, v.Lookup("auth"))
if err != nil {
return nil, err
}
for _, a := range auth {
s.AddCredentials(a.Target, a.Username, a.Secret.PlainText())
lg.Debug().Str("target", a.Target).Msg("add target credentials")
}
source, err := pctx.FS.FromValue(v.Lookup("source")) source, err := pctx.FS.FromValue(v.Lookup("source"))
if err != nil { if err != nil {
@ -104,23 +115,20 @@ func (t *buildTask) dockerfile(ctx context.Context, pctx *plancontext.Context, s
return nil, err return nil, err
} }
out := compiler.NewValue() // Image metadata
if err := out.FillPath(cue.ParsePath("output"), pctx.FS.New(ref).MarshalCUE()); err != nil { meta, ok := res.Metadata[exptypes.ExporterImageConfigKey]
return nil, err if !ok {
return nil, errors.New("build returned no image config")
}
var image dockerfile2llb.Image
if err := json.Unmarshal(meta, &image); err != nil {
return nil, fmt.Errorf("failed to unmarshal image config: %w", err)
} }
// Load image metadata return compiler.NewValue().FillFields(map[string]interface{}{
if meta, ok := res.Metadata[exptypes.ExporterImageConfigKey]; ok { "output": pctx.FS.New(ref).MarshalCUE(),
var image dockerfile2llb.Image "config": image.Config,
if err := json.Unmarshal(meta, &image); err != nil { })
return nil, fmt.Errorf("failed to unmarshal image config: %w", err)
}
if err := out.FillPath(cue.ParsePath("config"), image.Config); err != nil {
return nil, err
}
}
return out, nil
} }
func (t *buildTask) dockerBuildOpts(v *compiler.Value, pctx *plancontext.Context) (map[string]string, error) { func (t *buildTask) dockerBuildOpts(v *compiler.Value, pctx *plancontext.Context) (map[string]string, error) {

View File

@ -83,6 +83,14 @@ package engine
contents: string contents: string
} }
// Authentication
auth: [...{
target: string
username: string
secret: string | #Secret
}]
// FIXME: options ported from op.#DockerBuild
platforms: [...string] platforms: [...string]
target: string target: string
buildArg: [string]: string buildArg: [string]: string

View File

@ -85,4 +85,6 @@ setup() {
"$DAGGER" --europa up ./image_config.cue "$DAGGER" --europa up ./image_config.cue
"$DAGGER" --europa up ./labels.cue "$DAGGER" --europa up ./labels.cue
"$DAGGER" --europa up ./platform.cue "$DAGGER" --europa up ./platform.cue
"$DAGGER" --europa up ./build_auth.cue
} }

View File

@ -0,0 +1,24 @@
package testing
import (
"alpha.dagger.io/europa/dagger/engine"
)
engine.#Plan & {
inputs: {
directories: testdata: path: "./testdata"
secrets: dockerHubToken: envvar: "DOCKERHUB_TOKEN"
}
actions: build: engine.#Build & {
source: inputs.directories.testdata.contents
auth: [{
target: "daggerio/ci-test:private-pull"
username: "daggertest"
secret: inputs.secrets.dockerHubToken.contents
}]
dockerfile: contents: """
FROM daggerio/ci-test:private-pull@sha256:c74f1b1166784193ea6c8f9440263b9be6cae07dfe35e32a5df7a31358ac2060
"""
}
}