Implement modifications for engine.#Pull, engine.#Push, docker.#Push, docker.#Pull

Signed-off-by: guillaume <guillaume.derouville@gmail.com>
This commit is contained in:
guillaume 2022-01-31 16:22:19 +01:00
parent 1a98c572b8
commit ac30274d96
6 changed files with 49 additions and 63 deletions

View File

@ -14,11 +14,10 @@ package engine
config: #ImageConfig config: #ImageConfig
// Authentication // Authentication
auth: [...{ auth?: {
target: string
username: string username: string
secret: string | #Secret secret: #Secret
}] }
// Complete ref of the pushed image, including digest // Complete ref of the pushed image, including digest
result: #Ref result: #Ref
@ -68,11 +67,10 @@ package engine
source: #Ref source: #Ref
// Authentication // Authentication
auth: [...{ auth?: {
target: string
username: string username: string
secret: string | #Secret secret: string | #Secret
}] }
// Root filesystem of downloaded image // Root filesystem of downloaded image
output: #FS output: #FS

View File

@ -12,18 +12,16 @@ import (
source: #Ref source: #Ref
// Registry authentication // Registry authentication
// Key must be registry address, for example "index.docker.io" auth?: {
auth: [registry=string]: {
username: string username: string
secret: dagger.#Secret secret: dagger.#Secret
} }
_op: engine.#Pull & { _op: engine.#Pull & {
"source": source "source": source
"auth": [ for target, creds in auth { if auth != _|_ {
"target": target "auth": auth
creds }
}]
} }
// Downloaded image // Downloaded image

View File

@ -14,8 +14,7 @@ import (
result: #Ref & _push.result result: #Ref & _push.result
// Registry authentication // Registry authentication
// Key must be registry address auth?: {
auth: [registry=string]: {
username: string username: string
secret: dagger.#Secret secret: dagger.#Secret
} }
@ -25,10 +24,9 @@ import (
_push: engine.#Push & { _push: engine.#Push & {
"dest": dest "dest": dest
"auth": [ for target, creds in auth { if auth != _|_ {
"target": target "auth": auth
creds }
}]
input: image.rootfs input: image.rootfs
config: image.config config: image.config
} }

View File

@ -6,7 +6,6 @@ import (
) )
type authValue struct { type authValue struct {
Target string
Username string Username string
Secret *plancontext.Secret Secret *plancontext.Secret
} }
@ -14,41 +13,23 @@ type authValue struct {
// Decodes an auth field value // Decodes an auth field value
// //
// Cue format: // Cue format:
// auth: [...{ // auth: {
// target: string
// username: string // username: string
// secret: string | #Secret // secret: string | #Secret
// }] // }
func decodeAuthValue(pctx *plancontext.Context, v *compiler.Value) ([]*authValue, error) { func decodeAuthValue(pctx *plancontext.Context, v *compiler.Value) (*authValue, error) {
vals, err := v.List() authVal := authValue{}
username, err := v.Lookup("username").String()
if err != nil { if err != nil {
return nil, err return nil, err
} }
authVal.Username = username
authVals := []*authValue{} secret, err := pctx.Secrets.FromValue(v.Lookup("secret"))
for _, val := range vals { if err != nil {
authVal := authValue{} return nil, err
target, err := val.Lookup("target").String()
if err != nil {
return nil, err
}
authVal.Target = target
username, err := val.Lookup("username").String()
if err != nil {
return nil, err
}
authVal.Username = username
secret, err := pctx.Secrets.FromValue(val.Lookup("secret"))
if err != nil {
return nil, err
}
authVal.Secret = secret
authVals = append(authVals, &authVal)
} }
authVal.Secret = secret
return authVals, nil return &authVal, nil
} }

View File

@ -28,13 +28,18 @@ func (c *pullTask) Run(ctx context.Context, pctx *plancontext.Context, s solver.
} }
// Read auth info // Read auth info
auth, err := decodeAuthValue(pctx, v.Lookup("auth")) if auth := v.Lookup("auth"); auth.Exists() {
if err != nil { a, err := decodeAuthValue(pctx, auth)
return nil, err if err != nil {
} return nil, err
for _, a := range auth { }
s.AddCredentials(a.Target, a.Username, a.Secret.PlainText()) // Extract registry target from source
lg.Debug().Str("target", a.Target).Msg("add target credentials") target, err := solver.ParseAuthHost(rawRef)
if err != nil {
return nil, err
}
s.AddCredentials(target, a.Username, a.Secret.PlainText())
lg.Debug().Str("target", target).Msg("add target credentials")
} }
ref, err := reference.ParseNormalizedNamed(rawRef) ref, err := reference.ParseNormalizedNamed(rawRef)

View File

@ -36,13 +36,19 @@ func (c *pushTask) Run(ctx context.Context, pctx *plancontext.Context, s solver.
dest = reference.TagNameOnly(dest) dest = reference.TagNameOnly(dest)
// Read auth info // Read auth info
auth, err := decodeAuthValue(pctx, v.Lookup("auth")) if auth := v.Lookup("auth"); auth.Exists() {
if err != nil { // Read auth info
return nil, err a, err := decodeAuthValue(pctx, auth)
} if err != nil {
for _, a := range auth { return nil, err
s.AddCredentials(a.Target, a.Username, a.Secret.PlainText()) }
lg.Debug().Str("target", a.Target).Msg("add target credentials") // Extract registry target from dest
target, err := solver.ParseAuthHost(rawDest)
if err != nil {
return nil, err
}
s.AddCredentials(target, a.Username, a.Secret.PlainText())
lg.Debug().Str("target", target).Msg("add target credentials")
} }
// Get input state // Get input state