Merge pull request #896 from grouville/localstack

Localstack integration
This commit is contained in:
Sam Alba 2021-08-24 10:10:07 -07:00 committed by GitHub
commit 9d7b40253d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
16 changed files with 249 additions and 70 deletions

View File

@ -98,6 +98,23 @@ jobs:
name: Universe name: Universe
runs-on: ubuntu-latest runs-on: ubuntu-latest
timeout-minutes: 30 timeout-minutes: 30
services:
localstack:
image: localstack/localstack:0.12.16
env:
SERVICES: s3, ecr
LOCALSTACK_API_KEY: ${{ secrets.LOCALSTACK_API_KEY }}
ports:
- 4566:4566
- 4571:4571
- 4510:4510
options: >-
--health-cmd "curl -f http://localhost:4566/health"
--health-start-period 5s
--health-timeout 5s
--health-interval 5s
--health-retries 10
steps: steps:
- name: Check out - name: Check out
uses: actions/checkout@v2 uses: actions/checkout@v2
@ -117,6 +134,15 @@ jobs:
mkdir -p ~/.config/dagger mkdir -p ~/.config/dagger
echo "$DAGGER_AGE_KEY" > ~/.config/dagger/keys.txt echo "$DAGGER_AGE_KEY" > ~/.config/dagger/keys.txt
- name: Provision Localstack AWS resources
env:
AWS_ACCESS_KEY_ID: test
AWS_SECRET_ACCESS_KEY: test
AWS_DEFAULT_REGION: us-east-2
run: |
aws --endpoint-url=http://localhost:4566 s3 mb s3://dagger-ci
aws --endpoint-url=http://localhost:4566 ecr create-repository --repository-name dagger-ci
- name: Universe Test - name: Universe Test
run: | run: |
make universe-test make universe-test

View File

@ -16,11 +16,12 @@ Re-usable aws-cli component
### aws.#CLI Inputs ### aws.#CLI Inputs
| Name | Type | Description | | Name | Type | Description |
| ------------- |:-------------: |:-------------: | | ------------- |:-------------: |:-------------: |
|*config.region* | `string` |AWS region | |*config.region* | `string` |AWS region |
|*config.accessKey* | `dagger.#Secret` |AWS access key | |*config.accessKey* | `dagger.#Secret` |AWS access key |
|*config.secretKey* | `dagger.#Secret` |AWS secret key | |*config.secretKey* | `dagger.#Secret` |AWS secret key |
|*config.localMode* | `*null \| string` |AWS localstack mode |
### aws.#CLI Outputs ### aws.#CLI Outputs
@ -32,11 +33,12 @@ AWS Config shared by all AWS packages
### aws.#Config Inputs ### aws.#Config Inputs
| Name | Type | Description | | Name | Type | Description |
| ------------- |:-------------: |:-------------: | | ------------- |:-------------: |:-------------: |
|*region* | `string` |AWS region | |*region* | `string` |AWS region |
|*accessKey* | `dagger.#Secret` |AWS access key | |*accessKey* | `dagger.#Secret` |AWS access key |
|*secretKey* | `dagger.#Secret` |AWS secret key | |*secretKey* | `dagger.#Secret` |AWS secret key |
|*localMode* | `*null \| string` |AWS localstack mode |
### aws.#Config Outputs ### aws.#Config Outputs

View File

@ -21,6 +21,7 @@ AWS CloudFormation Stack
|*config.region* | `string` |AWS region | |*config.region* | `string` |AWS region |
|*config.accessKey* | `dagger.#Secret` |AWS access key | |*config.accessKey* | `dagger.#Secret` |AWS access key |
|*config.secretKey* | `dagger.#Secret` |AWS secret key | |*config.secretKey* | `dagger.#Secret` |AWS secret key |
|*config.localMode* | `*null \| string` |AWS localstack mode |
|*source* | `string` |Source is the Cloudformation template (JSON/YAML string) | |*source* | `string` |Source is the Cloudformation template (JSON/YAML string) |
|*stackName* | `string` |Stackname is the cloudformation stack | |*stackName* | `string` |Stackname is the cloudformation stack |
|*parameters* | `struct` |Stack parameters | |*parameters* | `struct` |Stack parameters |

View File

@ -16,14 +16,16 @@ Convert ECR credentials to Docker Login format
### ecr.#Credentials Inputs ### ecr.#Credentials Inputs
| Name | Type | Description | | Name | Type | Description |
| ------------- |:-------------: |:-------------: | | ------------- |:-------------: |:-------------: |
|*config.region* | `string` |AWS region | |*config.region* | `string` |AWS region |
|*config.accessKey* | `dagger.#Secret` |AWS access key | |*config.accessKey* | `dagger.#Secret` |AWS access key |
|*config.secretKey* | `dagger.#Secret` |AWS secret key | |*config.secretKey* | `dagger.#Secret` |AWS secret key |
|*ctr.image.config.region* | `string` |AWS region | |*config.localMode* | `*null \| string` |AWS localstack mode |
|*ctr.image.config.accessKey* | `dagger.#Secret` |AWS access key | |*ctr.image.config.region* | `string` |AWS region |
|*ctr.image.config.secretKey* | `dagger.#Secret` |AWS secret key | |*ctr.image.config.accessKey* | `dagger.#Secret` |AWS access key |
|*ctr.image.config.secretKey* | `dagger.#Secret` |AWS secret key |
|*ctr.image.config.localMode* | `*null \| string` |AWS localstack mode |
### ecr.#Credentials Outputs ### ecr.#Credentials Outputs

View File

@ -16,13 +16,14 @@ KubeConfig config outputs a valid kube-auth-config for kubectl client
### eks.#KubeConfig Inputs ### eks.#KubeConfig Inputs
| Name | Type | Description | | Name | Type | Description |
| ------------- |:-------------: |:-------------: | | ------------- |:-------------: |:-------------: |
|*config.region* | `string` |AWS region | |*config.region* | `string` |AWS region |
|*config.accessKey* | `dagger.#Secret` |AWS access key | |*config.accessKey* | `dagger.#Secret` |AWS access key |
|*config.secretKey* | `dagger.#Secret` |AWS secret key | |*config.secretKey* | `dagger.#Secret` |AWS secret key |
|*clusterName* | `string` |EKS cluster name | |*config.localMode* | `*null \| string` |AWS localstack mode |
|*version* | `*"v1.19.9" \| string` |Kubectl version | |*clusterName* | `string` |EKS cluster name |
|*version* | `*"v1.19.9" \| string` |Kubectl version |
### eks.#KubeConfig Outputs ### eks.#KubeConfig Outputs

View File

@ -16,12 +16,13 @@ Returns an unused rule priority (randomized in available range)
### elb.#RandomRulePriority Inputs ### elb.#RandomRulePriority Inputs
| Name | Type | Description | | Name | Type | Description |
| ------------- |:-------------: |:-------------: | | ------------- |:-------------: |:-------------: |
|*config.region* | `string` |AWS region | |*config.region* | `string` |AWS region |
|*config.accessKey* | `dagger.#Secret` |AWS access key | |*config.accessKey* | `dagger.#Secret` |AWS access key |
|*config.secretKey* | `dagger.#Secret` |AWS secret key | |*config.secretKey* | `dagger.#Secret` |AWS secret key |
|*listenerArn* | `string` |ListenerArn | |*config.localMode* | `*null \| string` |AWS localstack mode |
|*listenerArn* | `string` |ListenerArn |
### elb.#RandomRulePriority Outputs ### elb.#RandomRulePriority Outputs

View File

@ -16,15 +16,16 @@ Creates a new Database on an existing RDS Instance
### rds.#Database Inputs ### rds.#Database Inputs
| Name | Type | Description | | Name | Type | Description |
| ------------- |:-------------: |:-------------: | | ------------- |:-------------: |:-------------: |
|*config.region* | `string` |AWS region | |*config.region* | `string` |AWS region |
|*config.accessKey* | `dagger.#Secret` |AWS access key | |*config.accessKey* | `dagger.#Secret` |AWS access key |
|*config.secretKey* | `dagger.#Secret` |AWS secret key | |*config.secretKey* | `dagger.#Secret` |AWS secret key |
|*name* | `string` |DB name | |*config.localMode* | `*null \| string` |AWS localstack mode |
|*dbArn* | `string` |ARN of the database instance | |*name* | `string` |DB name |
|*secretArn* | `string` |ARN of the database secret (for connecting via rds api) | |*dbArn* | `string` |ARN of the database instance |
|*dbType* | `string` |Database type MySQL or PostgreSQL (Aurora Serverless only) | |*secretArn* | `string` |ARN of the database secret (for connecting via rds api) |
|*dbType* | `string` |Database type MySQL or PostgreSQL (Aurora Serverless only) |
### rds.#Database Outputs ### rds.#Database Outputs
@ -38,12 +39,13 @@ Fetches information on an existing RDS Instance
### rds.#Instance Inputs ### rds.#Instance Inputs
| Name | Type | Description | | Name | Type | Description |
| ------------- |:-------------: |:-------------: | | ------------- |:-------------: |:-------------: |
|*config.region* | `string` |AWS region | |*config.region* | `string` |AWS region |
|*config.accessKey* | `dagger.#Secret` |AWS access key | |*config.accessKey* | `dagger.#Secret` |AWS access key |
|*config.secretKey* | `dagger.#Secret` |AWS secret key | |*config.secretKey* | `dagger.#Secret` |AWS secret key |
|*dbArn* | `string` |ARN of the database instance | |*config.localMode* | `*null \| string` |AWS localstack mode |
|*dbArn* | `string` |ARN of the database instance |
### rds.#Instance Outputs ### rds.#Instance Outputs
@ -59,17 +61,18 @@ Creates a new user credentials on an existing RDS Instance
### rds.#User Inputs ### rds.#User Inputs
| Name | Type | Description | | Name | Type | Description |
| ------------- |:-------------: |:-------------: | | ------------- |:-------------: |:-------------: |
|*config.region* | `string` |AWS region | |*config.region* | `string` |AWS region |
|*config.accessKey* | `dagger.#Secret` |AWS access key | |*config.accessKey* | `dagger.#Secret` |AWS access key |
|*config.secretKey* | `dagger.#Secret` |AWS secret key | |*config.secretKey* | `dagger.#Secret` |AWS secret key |
|*username* | `string` |Username | |*config.localMode* | `*null \| string` |AWS localstack mode |
|*password* | `string` |Password | |*username* | `string` |Username |
|*dbArn* | `string` |ARN of the database instance | |*password* | `string` |Password |
|*secretArn* | `string` |ARN of the database secret (for connecting via rds api) | |*dbArn* | `string` |ARN of the database instance |
|*grantDatabase* | `*"" \| string` |Name of the database to grants access to | |*secretArn* | `string` |ARN of the database secret (for connecting via rds api) |
|*dbType* | `string` |Database type MySQL or PostgreSQL (Aurora Serverless only) | |*grantDatabase* | `*"" \| string` |Name of the database to grants access to |
|*dbType* | `string` |Database type MySQL or PostgreSQL (Aurora Serverless only) |
### rds.#User Outputs ### rds.#User Outputs

View File

@ -21,6 +21,7 @@ S3 Bucket object(s) sync
|*config.region* | `string` |AWS region | |*config.region* | `string` |AWS region |
|*config.accessKey* | `dagger.#Secret` |AWS access key | |*config.accessKey* | `dagger.#Secret` |AWS access key |
|*config.secretKey* | `dagger.#Secret` |AWS secret key | |*config.secretKey* | `dagger.#Secret` |AWS secret key |
|*config.localMode* | `*null \| string` |AWS localstack mode |
|*source* | `dagger.#Artifact` |Source Artifact to upload to S3 | |*source* | `dagger.#Artifact` |Source Artifact to upload to S3 |
|*target* | `string` |Target S3 URL (eg. s3://\<bucket-name\>/\<path\>/\<sub-path\>) | |*target* | `string` |Target S3 URL (eg. s3://\<bucket-name\>/\<path\>/\<sub-path\>) |
|*delete* | `*false \| true` |Delete files that already exist on remote destination | |*delete* | `*false \| true` |Delete files that already exist on remote destination |

View File

@ -0,0 +1,2 @@
# dagger state
state/**

View File

@ -0,0 +1,30 @@
plan:
package: ./aws/ecr/tests
name: aws-ecr-localstack
inputs:
TestConfig.awsConfig.accessKey:
secret: ENC[AES256_GCM,data:t/iOlA==,iv:oLhubqSKZqn5lVPFn8On//LPj1deAFPXKVTyBKdVODQ=,tag:PORmrxDIf/MHbFDrdxnlTQ==,type:str]
TestConfig.awsConfig.localMode:
text: "true"
TestConfig.awsConfig.secretKey:
secret: ENC[AES256_GCM,data:2HYF9w==,iv:f/a9dy4HLJOtKdn8G+zKTboXU1YhzXBEKT1WSvrsCvk=,tag:RKQO+Pg3wg23LIMAnyXhMA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKeEk5MS9nVmFoOVNNOHdE
WnZCTXBWbW9LL1NJYndCYjhIM2JsNXNEUmxJCkUya0dlZjZ0dGRIM1pVdzg5eWFH
MVpiaE9PclNudGdUZm5FcytuVDZGTDAKLS0tIEQxWDdteHgzS3JkdmtNTVpxMUh1
aXlvVWJVSGNTSkVyYmpZbi9nUVJZdmMK6csXZ2RMxFw5DB+Hb2TyhyoZT8c2/z7Y
Lc9Pe8gb8aUq5Ha+wCybYvY6JWEM5A9XYJKbE7f4borTfGKS72d6pw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2021-08-16T20:52:50Z"
mac: ENC[AES256_GCM,data:31GBJoqzJOt2q29ql9xTGvhg6XaMupZliAEx2XXD19CvJuAlPdkkbdOP1quEDjHqeBfWUZlTTnqqm2HdSjJ9MgS7aSpgIwb65g/KMez/13QKqlicKaOT55uuyPmWh9+p0rSBCWTHo1vcZldXEuQ9eohwgkV1xHGU3tV+IsmlfrM=,iv:ISdTPiT3rUpZrmMoMBDYmQEB5Q6Tg5fx8leAS3B2kBU=,tag:z/4/2MS6CSlEC++9kCKn5Q==,type:str]
pgp: []
encrypted_suffix: secret
version: 3.7.1

View File

@ -0,0 +1,2 @@
# dagger state
state/**

View File

@ -0,0 +1,33 @@
plan:
package: ./aws/s3/tests
name: aws-s3-localstack
inputs:
TestConfig.awsConfig.accessKey:
secret: ENC[AES256_GCM,data:RJY8Cw==,iv:yZW4m74SdRl5qeDfyQVJPOvAktu2qt8jJB45hWUd5p8=,tag:7DCf5ys4Cblb1V1XHMCWAQ==,type:str]
TestConfig.awsConfig.localMode:
text: "true"
TestConfig.awsConfig.secretKey:
secret: ENC[AES256_GCM,data:iYxBnA==,iv:7mdUXVnmMJm2pz9Kt1MwrwFeAxwqZaH9o1D2FbUD860=,tag:fj8+JJbNS3Z/L2ft+BtJ1Q==,type:str]
TestDirectory:
dir:
path: ./aws/s3/tests/testdata
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKeEk5MS9nVmFoOVNNOHdE
WnZCTXBWbW9LL1NJYndCYjhIM2JsNXNEUmxJCkUya0dlZjZ0dGRIM1pVdzg5eWFH
MVpiaE9PclNudGdUZm5FcytuVDZGTDAKLS0tIEQxWDdteHgzS3JkdmtNTVpxMUh1
aXlvVWJVSGNTSkVyYmpZbi9nUVJZdmMK6csXZ2RMxFw5DB+Hb2TyhyoZT8c2/z7Y
Lc9Pe8gb8aUq5Ha+wCybYvY6JWEM5A9XYJKbE7f4borTfGKS72d6pw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2021-08-16T20:43:09Z"
mac: ENC[AES256_GCM,data:suv1ImWFc+7HyrpNw66vasTf75PLu07DivxKCyuqcLFqBBs9qgxg8VFXax1hiZRp7NLTG1cqJ3JLW8DsPzhFTs2xJEDQ8BBKfqNFGgHzucaAISlfKzKKQtPb4NM+56WEmuiF7ns0jKyJH385A1qttD8pVeyLnj4ps+9iU/iA5wo=,iv:LT5XzerWt6ctuPYd/Pm7sdSQni30G5tBNQni+Nfmd3s=,tag:OO+/JhjwcZbnFCIFvOM17g==,type:str]
pgp: []
encrypted_suffix: secret
version: 3.7.1

View File

@ -10,11 +10,13 @@ import (
// AWS Config shared by all AWS packages // AWS Config shared by all AWS packages
#Config: { #Config: {
// AWS region // AWS region
region: string @dagger(input) region: dagger.#Input & {string}
// AWS access key // AWS access key
accessKey: dagger.#Secret @dagger(input) accessKey: dagger.#Input & {dagger.#Secret}
// AWS secret key // AWS secret key
secretKey: dagger.#Secret @dagger(input) secretKey: dagger.#Input & {dagger.#Secret}
// AWS localstack mode
localMode: dagger.#Input & {string | *null}
} }
// Re-usable aws-cli component // Re-usable aws-cli component
@ -30,6 +32,9 @@ import (
"package": jq: "=~1.6" "package": jq: "=~1.6"
"package": curl: true "package": curl: true
"package": "aws-cli": "=~1.18" "package": "aws-cli": "=~1.18"
if config.localMode != null {
package: "py3-pip": true
}
} }
}, },
op.#Exec & { op.#Exec & {
@ -40,14 +45,37 @@ import (
"-eo", "-eo",
"pipefail", "pipefail",
"-c", "-c",
#""" if config.localMode == null {
aws configure set aws_access_key_id "$(cat /run/secrets/access_key)" #"""
aws configure set aws_secret_access_key "$(cat /run/secrets/secret_key)" aws configure set aws_access_key_id "$(cat /run/secrets/access_key)"
aws configure set aws_secret_access_key "$(cat /run/secrets/secret_key)"
aws configure set default.region "$AWS_DEFAULT_REGION" aws configure set default.region "$AWS_DEFAULT_REGION"
aws configure set default.cli_pager "" aws configure set default.cli_pager ""
aws configure set default.output "json" aws configure set default.output "json"
"""#, """#
},
if config.localMode != null {
#"""
# Download awscli v3 and override aws
pip install awscli-local[v2]
mv /usr/bin/awslocal /usr/bin/aws
# Configure
mkdir -p ~/.aws/
# Set up ~/.aws/config
echo "[default]" > ~/.aws/config
echo "region = $AWS_DEFAULT_REGION" >> ~/.aws/config
echo "cli_pager =" >> ~/.aws/config
echo "output = json" >> ~/.aws/config
# Set up ~/.aws/credentials
echo "[default]" > ~/.aws/credentials
echo "aws_access_key_id = $(cat /run/secrets/access_key)" >> ~/.aws/credentials
echo "aws_secret_access_key = $(cat /run/secrets/secret_key)" >> ~/.aws/credentials
"""#
},
] ]
mount: "/run/secrets/access_key": secret: config.accessKey mount: "/run/secrets/access_key": secret: config.accessKey
mount: "/run/secrets/secret_key": secret: config.secretKey mount: "/run/secrets/secret_key": secret: config.secretKey

View File

@ -11,12 +11,20 @@ TestConfig: awsConfig: aws.#Config & {
} }
TestECR: { TestECR: {
localMode: TestConfig.awsConfig.localMode
suffix: random.#String & { suffix: random.#String & {
seed: "" seed: ""
} }
repository: "125635003186.dkr.ecr.\(TestConfig.awsConfig.region).amazonaws.com/dagger-ci" repository: string
tag: "test-ecr-\(suffix.out)" if localMode == null {
repository: "125635003186.dkr.ecr.\(TestConfig.awsConfig.region).amazonaws.com/dagger-ci"
}
if localMode != null {
repository: "localhost:4510/dagger-ci"
}
tag: "test-ecr-\(suffix.out)"
creds: #Credentials & { creds: #Credentials & {
config: TestConfig.awsConfig config: TestConfig.awsConfig

View File

@ -1,3 +1,20 @@
# Instead of setup, this just runs once
setup_file() {
# Cleanup local Localstack instances
if [ "$(curl -s http://localhost:4566)" = '{"status": "running"}' ] && \
[ "$GITHUB_ACTIONS" != "true" ]; then
echo "Cleanup local LOCALSTACK"
# S3 buckets cleanup
aws --endpoint-url=http://localhost:4566 s3 rm s3://dagger-ci 2>/dev/null || true
aws --endpoint-url=http://localhost:4566 s3 mb s3://dagger-ci 2>/dev/null || true
# ECR repositories cleanup
aws --endpoint-url=http://localhost:4566 ecr delete-repository --repository-name dagger-ci 2>/dev/null || true
aws --endpoint-url=http://localhost:4566 ecr create-repository --repository-name dagger-ci 2>/dev/null || true
fi
}
common_setup() { common_setup() {
load 'node_modules/bats-support/load' load 'node_modules/bats-support/load'
load 'node_modules/bats-assert/load' load 'node_modules/bats-assert/load'
@ -58,6 +75,16 @@ copy_to_sandbox() {
cp -a "$source_package" "$target_package" cp -a "$source_package" "$target_package"
fi fi
} }
# Check if there is a localstack instance.
#
# This is needed to do docs test in the CI.
skip_unless_local_localstack() {
if [ "$(curl -s http://localhost:4566)" = '{"status": "running"}' ]; then
echo "Localstack available"
else
skip "Localstack not available"
fi
}
# Check if there is a local kubernetes cluster. # Check if there is a local kubernetes cluster.
# #

View File

@ -45,10 +45,22 @@ setup() {
dagger -e aws-ecr up dagger -e aws-ecr up
} }
@test "aws: ecr/localstack" {
skip_unless_local_localstack
dagger -e aws-ecr-localstack up
}
@test "aws: s3" { @test "aws: s3" {
dagger -e aws-s3 up dagger -e aws-s3 up
} }
@test "aws: s3/localstack" {
skip_unless_local_localstack
dagger -e aws-s3-localstack up
}
@test "aws: eks" { @test "aws: eks" {
dagger -e aws-eks up dagger -e aws-eks up
} }