Implement modifications for engine.#Pull, engine.#Push, docker.#Push, docker.#Pull
Signed-off-by: guillaume <guillaume.derouville@gmail.com>
This commit is contained in:
guillaume
parent
1a98c572b8
commit
ac30274d96
@ -14,11 +14,10 @@ package engine
|
||||
config: #ImageConfig
|
||||
|
||||
// Authentication
|
||||
auth: [...{
|
||||
target: string
|
||||
auth?: {
|
||||
username: string
|
||||
secret: string | #Secret
|
||||
}]
|
||||
secret: #Secret
|
||||
}
|
||||
|
||||
// Complete ref of the pushed image, including digest
|
||||
result: #Ref
|
||||
@ -68,11 +67,10 @@ package engine
|
||||
source: #Ref
|
||||
|
||||
// Authentication
|
||||
auth: [...{
|
||||
target: string
|
||||
auth?: {
|
||||
username: string
|
||||
secret: string | #Secret
|
||||
}]
|
||||
}
|
||||
|
||||
// Root filesystem of downloaded image
|
||||
output: #FS
|
||||
|
||||
@ -12,18 +12,16 @@ import (
|
||||
source: #Ref
|
||||
|
||||
// Registry authentication
|
||||
// Key must be registry address, for example "index.docker.io"
|
||||
auth: [registry=string]: {
|
||||
auth?: {
|
||||
username: string
|
||||
secret: dagger.#Secret
|
||||
}
|
||||
|
||||
_op: engine.#Pull & {
|
||||
"source": source
|
||||
"auth": [ for target, creds in auth {
|
||||
"target": target
|
||||
creds
|
||||
}]
|
||||
if auth != _|_ {
|
||||
"auth": auth
|
||||
}
|
||||
}
|
||||
|
||||
// Downloaded image
|
||||
|
||||
@ -14,8 +14,7 @@ import (
|
||||
result: #Ref & _push.result
|
||||
|
||||
// Registry authentication
|
||||
// Key must be registry address
|
||||
auth: [registry=string]: {
|
||||
auth?: {
|
||||
username: string
|
||||
secret: dagger.#Secret
|
||||
}
|
||||
@ -25,10 +24,9 @@ import (
|
||||
|
||||
_push: engine.#Push & {
|
||||
"dest": dest
|
||||
"auth": [ for target, creds in auth {
|
||||
"target": target
|
||||
creds
|
||||
}]
|
||||
if auth != _|_ {
|
||||
"auth": auth
|
||||
}
|
||||
input: image.rootfs
|
||||
config: image.config
|
||||
}
|
||||
|
||||
@ -6,7 +6,6 @@ import (
|
||||
)
|
||||
|
||||
type authValue struct {
|
||||
Target string
|
||||
Username string
|
||||
Secret *plancontext.Secret
|
||||
}
|
||||
@ -14,41 +13,23 @@ type authValue struct {
|
||||
// Decodes an auth field value
|
||||
//
|
||||
// Cue format:
|
||||
// auth: [...{
|
||||
// target: string
|
||||
// auth: {
|
||||
// username: string
|
||||
// secret: string | #Secret
|
||||
// }]
|
||||
func decodeAuthValue(pctx *plancontext.Context, v *compiler.Value) ([]*authValue, error) {
|
||||
vals, err := v.List()
|
||||
// }
|
||||
func decodeAuthValue(pctx *plancontext.Context, v *compiler.Value) (*authValue, error) {
|
||||
authVal := authValue{}
|
||||
username, err := v.Lookup("username").String()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
authVal.Username = username
|
||||
|
||||
authVals := []*authValue{}
|
||||
for _, val := range vals {
|
||||
authVal := authValue{}
|
||||
|
||||
target, err := val.Lookup("target").String()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
authVal.Target = target
|
||||
|
||||
username, err := val.Lookup("username").String()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
authVal.Username = username
|
||||
|
||||
secret, err := pctx.Secrets.FromValue(val.Lookup("secret"))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
authVal.Secret = secret
|
||||
|
||||
authVals = append(authVals, &authVal)
|
||||
secret, err := pctx.Secrets.FromValue(v.Lookup("secret"))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
authVal.Secret = secret
|
||||
|
||||
return authVals, nil
|
||||
return &authVal, nil
|
||||
}
|
||||
|
||||
@ -28,13 +28,18 @@ func (c *pullTask) Run(ctx context.Context, pctx *plancontext.Context, s solver.
|
||||
}
|
||||
|
||||
// Read auth info
|
||||
auth, err := decodeAuthValue(pctx, v.Lookup("auth"))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
for _, a := range auth {
|
||||
s.AddCredentials(a.Target, a.Username, a.Secret.PlainText())
|
||||
lg.Debug().Str("target", a.Target).Msg("add target credentials")
|
||||
if auth := v.Lookup("auth"); auth.Exists() {
|
||||
a, err := decodeAuthValue(pctx, auth)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
// Extract registry target from source
|
||||
target, err := solver.ParseAuthHost(rawRef)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
s.AddCredentials(target, a.Username, a.Secret.PlainText())
|
||||
lg.Debug().Str("target", target).Msg("add target credentials")
|
||||
}
|
||||
|
||||
ref, err := reference.ParseNormalizedNamed(rawRef)
|
||||
|
||||
@ -36,13 +36,19 @@ func (c *pushTask) Run(ctx context.Context, pctx *plancontext.Context, s solver.
|
||||
dest = reference.TagNameOnly(dest)
|
||||
|
||||
// Read auth info
|
||||
auth, err := decodeAuthValue(pctx, v.Lookup("auth"))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
for _, a := range auth {
|
||||
s.AddCredentials(a.Target, a.Username, a.Secret.PlainText())
|
||||
lg.Debug().Str("target", a.Target).Msg("add target credentials")
|
||||
if auth := v.Lookup("auth"); auth.Exists() {
|
||||
// Read auth info
|
||||
a, err := decodeAuthValue(pctx, auth)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
// Extract registry target from dest
|
||||
target, err := solver.ParseAuthHost(rawDest)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
s.AddCredentials(target, a.Username, a.Secret.PlainText())
|
||||
lg.Debug().Str("target", target).Msg("add target credentials")
|
||||
}
|
||||
|
||||
// Get input state
|
||||
|
||||
Reference in New Issue
Block a user