From a4856e7a6b6368ba9a891194b079fe2ebe23eeca Mon Sep 17 00:00:00 2001 From: Tom Chauveau Date: Thu, 1 Jul 2021 15:48:03 +0200 Subject: [PATCH] Add new test to docker that push to 2 registry in one plan Signed-off-by: Tom Chauveau --- .../env/docker-push-multi-registry/.gitignore | 2 + .../docker-push-multi-registry/values.yaml | 35 +++++++ .../docker/tests/push-multi-registry/push.cue | 93 +++++++++++++++++++ stdlib/universe.bats | 6 +- 4 files changed, 135 insertions(+), 1 deletion(-) create mode 100644 stdlib/.dagger/env/docker-push-multi-registry/.gitignore create mode 100644 stdlib/.dagger/env/docker-push-multi-registry/values.yaml create mode 100644 stdlib/docker/tests/push-multi-registry/push.cue diff --git a/stdlib/.dagger/env/docker-push-multi-registry/.gitignore b/stdlib/.dagger/env/docker-push-multi-registry/.gitignore new file mode 100644 index 00000000..01ec19b0 --- /dev/null +++ b/stdlib/.dagger/env/docker-push-multi-registry/.gitignore @@ -0,0 +1,2 @@ +# dagger state +state/** diff --git a/stdlib/.dagger/env/docker-push-multi-registry/values.yaml b/stdlib/.dagger/env/docker-push-multi-registry/values.yaml new file mode 100644 index 00000000..7f35d059 --- /dev/null +++ b/stdlib/.dagger/env/docker-push-multi-registry/values.yaml @@ -0,0 +1,35 @@ +plan: + module: ./docker + package: ./tests/push-multi-registry +name: docker-push-multi-registry +inputs: + TestRemoteAWS.awsConfig.accessKey: + secret: ENC[AES256_GCM,data:Vg+RRHYV5p0twlKtq0zGzokTsXY=,iv:XXEjaZBmS7A+KBZQ/0ZJ4WLH3M5dthg0lq86BhHOt2U=,tag:q6QSQkH9Jz/e4FGlBNllug==,type:str] + TestRemoteAWS.awsConfig.region: + text: us-east-2 + TestRemoteAWS.awsConfig.secretKey: + secret: ENC[AES256_GCM,data:uk5BBJhmc8RadT1FSIsnW+/Rvs8c+kIhshBia+DX+UEWiuPV+RwXfw==,iv:DzXcvUcy3amU7wCA6XFgPvGUAU+dxPZQMHKM94d9PlY=,tag:QDDs4kg6cFPLLGRM6sHzfg==,type:str] + TestRemoteDocker.dockerConfig.secret: + secret: ENC[AES256_GCM,data:bxlKdGBSd2Rxf0Kmw8+QO1h0308rGYPqzUO17Eg4RUh2WQjd,iv:vNZww3t8yBrcmmddJghtJWfkz3G9j2CPGyx9B3e/WK8=,tag:qlUl2dkREcGZxdKeAzPjzQ==,type:str] + TestRemoteDocker.dockerConfig.username: + text: daggertest +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnc1JZMUpTUnFZNVI3RHh3 + a0RtTDNIQ2xjaHJlM0tNbndta1NlMjc2a2dFCkQzV0FpMFBHZUdZb0RMYW1DUGN2 + TlZVQ2dhdWt3OEN5LzZEYXR4QkFSTTAKLS0tIFdaS0Z0dG85QXNNTnpXZ0dFUGpY + Yy81dlJ5cDhCL1VCc0szSE9Dbjh0TUEK+xcj1bHhJr0MR+2QLL0Y+at0/SFXcutx + VpUkCykV3eBV6P9I51+3NeJ/ZMmJ43N2geFFJNeacmn8uQKNxpgGGw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2021-07-01T13:15:01Z" + mac: ENC[AES256_GCM,data:vpU0XJA/H/ra4BIuReWJAOLvFW4s+xHDAxxSYoU1WkdX68EUb1jbuhEqyDqlhQRn6lf3qSt9kbnbiiw39/mrdBFnwDg5DLjOPT17G/rBiSp9p+1e4mN8hGNp79uen+dDQX7f4NSxZ4nroMVtEuIuBrbFaZUMYVaBYEHjGuw2hgc=,iv:/nW7lpopSsqTwoaPgiHrabtl8aOZtJEezkwBDqi15Tg=,tag:uw3Hj+/t3Y5U0wpK7g+tJg==,type:str] + pgp: [] + encrypted_suffix: secret + version: 3.7.1 diff --git a/stdlib/docker/tests/push-multi-registry/push.cue b/stdlib/docker/tests/push-multi-registry/push.cue new file mode 100644 index 00000000..7b0891c5 --- /dev/null +++ b/stdlib/docker/tests/push-multi-registry/push.cue @@ -0,0 +1,93 @@ +package docker + +import ( + "alpha.dagger.io/aws" + "alpha.dagger.io/aws/ecr" + "alpha.dagger.io/dagger" + "alpha.dagger.io/dagger/op" + "alpha.dagger.io/random" + "alpha.dagger.io/alpine" +) + +// +// /!\ README /!\ +// The objective is to push an image on multiple registries to verify +// that we correctly handle that kind of configuration +// + +TestResources: { + // Generate a random string + // Seed is used to force buildkit execution and not simply use a previous generated string. + suffix: random.#String & {seed: "docker multi registry"} + + image: #ImageFromDockerfile & { + dockerfile: """ + FROM alpine + RUN echo "test" > /test.txt + """ + context: "" + } +} + +TestRemoteAWS: { + awsConfig: aws.#Config + + ecrCreds: ecr.#Credentials & { + config: awsConfig + } + + target: "125635003186.dkr.ecr.\(awsConfig.region).amazonaws.com/dagger-ci:test-ecr-\(TestResources.suffix.out)" + + remoteImg: #Push & { + "target": target + source: TestResources.image + auth: { + username: ecrCreds.username + secret: ecrCreds.secret + } + } +} + +#TestGetSecret: { + secret: dagger.#Artifact + + out: { + string + + #up: [ + op.#Load & {from: alpine.#Image}, + + op.#Exec & { + always: true + args: ["sh", "-c", "cp /input/secret /secret"] + mount: "/input/secret": "secret": secret + }, + + op.#Export & { + source: "/secret" + }, + ] + } +} + +TestRemoteDocker: { + dockerConfig: { + username: string & dagger.#Input + secret: dagger.#Secret & dagger.#Input + } + + secret: #TestGetSecret & { + secret: dockerConfig.secret + } + + target: "daggerio/ci-test:test-docker-\(TestResources.suffix.out)" + + remoteImg: #Push & { + "target": target + source: TestResources.image + auth: { + username: dockerConfig.username + "secret": secret.out + } + } +} diff --git a/stdlib/universe.bats b/stdlib/universe.bats index f2761325..1655a6ef 100644 --- a/stdlib/universe.bats +++ b/stdlib/universe.bats @@ -73,7 +73,11 @@ setup() { dagger -e docker-pull up } -@test "docker push and pull: invalid credential" { +@test "docker push: multi registry" { + run dagger -e docker-push-multi-registry up +} + +@test "docker push: invalid credential" { # Push image (SHOULD FAIL) run dagger -e docker-push-invalid-creds up assert_failure