kjuulh/dagger
Archived
1
0
Fork 0
Code Issues 1 Pull Requests 1 Projects Releases Wiki Activity

implemented integration tests for engine.#Pull + moved auth code separately for sharing code with other tasks later

Browse Source 
Signed-off-by: Sam Alba <samalba@users.noreply.github.com>
This commit is contained in:
Sam Alba 2021-12-16 16:20:00 -08:00
parent d668dd6dd2
commit b082b1e5bc
4 changed files with 80 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.github/workflows/ci.yml vendored
View File

@ -101,7 +101,8 @@ jobs:
uses: crazy-max/ghaction-github-runtime@v1 uses: crazy-max/ghaction-github-runtime@v1
- name: Integration test - name: Integration test
# env: env:
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
# DAGGER_CACHE_TO: "type=gha,mode=max,scope=test-integration" # DAGGER_CACHE_TO: "type=gha,mode=max,scope=test-integration"
# DAGGER_CACHE_FROM: "type=gha,mode=max,scope=test-integration" # DAGGER_CACHE_FROM: "type=gha,mode=max,scope=test-integration"
run: | run: |

54
plan/task/auth.go Normal file
View File

@ -0,0 +1,54 @@
package task
import (
"go.dagger.io/dagger/compiler"
"go.dagger.io/dagger/plancontext"
)
type authValue struct {
Target string
Username string
Secret *plancontext.Secret
}
// Decodes an auth field value
//
// Cue format:
// auth: [...{
// target: string
// username: string
// secret: string | #Secret
// }]
func decodeAuthValue(pctx *plancontext.Context, v *compiler.Value) ([]*authValue, error) {
vals, err := v.List()
if err != nil {
return nil, err
}
authVals := []*authValue{}
for _, val := range vals {
authVal := authValue{}
target, err := val.Lookup("target").String()
if err != nil {
return nil, err
}
authVal.Target = target
username, err := val.Lookup("username").String()
if err != nil {
return nil, err
}
authVal.Username = username
secret, err := pctx.Secrets.FromValue(val.Lookup("secret"))
if err != nil {
return nil, err
}
authVal.Secret = secret
authVals = append(authVals, &authVal)
}
return authVals, nil
}

33
plan/task/pull.go
View File

@ -7,6 +7,7 @@ import (
"github.com/docker/distribution/reference" "github.com/docker/distribution/reference"
"github.com/moby/buildkit/client/llb" "github.com/moby/buildkit/client/llb"
"github.com/rs/zerolog/log"
"go.dagger.io/dagger/compiler" "go.dagger.io/dagger/compiler"
"go.dagger.io/dagger/plancontext" "go.dagger.io/dagger/plancontext"
"go.dagger.io/dagger/solver" "go.dagger.io/dagger/solver"
@ -19,20 +20,24 @@ func init() {
type pullTask struct { type pullTask struct {
} }
type authValue struct {
Target string
Username string
// FIXME: handle secrets
Secret string
}
func (c *pullTask) Run(ctx context.Context, pctx *plancontext.Context, s solver.Solver, v *compiler.Value) (*compiler.Value, error) { func (c *pullTask) Run(ctx context.Context, pctx *plancontext.Context, s solver.Solver, v *compiler.Value) (*compiler.Value, error) {
// FIXME: handle auth lg := log.Ctx(ctx)
rawRef, err := v.Lookup("source").String() rawRef, err := v.Lookup("source").String()
if err != nil { if err != nil {
return nil, err return nil, err
} }
// Read auth info
auth, err := decodeAuthValue(pctx, v.Lookup("auth"))
if err != nil {
return nil, err
}
for _, a := range auth {
s.AddCredentials(a.Target, a.Username, a.Secret.PlainText())
lg.Debug().Str("target", a.Target).Msg("add target credentials")
}
ref, err := reference.ParseNormalizedNamed(rawRef) ref, err := reference.ParseNormalizedNamed(rawRef)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to parse ref %s: %w", rawRef, err) return nil, fmt.Errorf("failed to parse ref %s: %w", rawRef, err)
@ -54,6 +59,7 @@ func (c *pullTask) Run(ctx context.Context, pctx *plancontext.Context, s solver.
if err != nil { if err != nil {
return nil, err return nil, err
} }
imageJSON, err := json.Marshal(image) imageJSON, err := json.Marshal(image)
if err != nil { if err != nil {
return nil, err return nil, err
@ -64,17 +70,6 @@ func (c *pullTask) Run(ctx context.Context, pctx *plancontext.Context, s solver.
return nil, err return nil, err
} }
auth := []authValue{}
// Read auth data
if err := v.Lookup("auth").Decode(&auth); err != nil {
return nil, err
}
for _, a := range auth {
s.AddCredentials(a.Target, a.Username, a.Secret)
}
result, err := s.Solve(ctx, st, pctx.Platform.Get()) result, err := s.Solve(ctx, st, pctx.Platform.Get())
if err != nil { if err != nil {
return nil, err return nil, err

12
tests/tasks/pull/pull_auth.cue
View File

@ -5,11 +5,19 @@ import (
) )
engine.#Plan & { engine.#Plan & {
context: secrets: {
dockerHubToken: envvar: "DOCKERHUB_TOKEN"
}
actions: pull: engine.#Pull & { actions: pull: engine.#Pull & {
source: "alpine:3.15.0@sha256:e7d88de73db3d3fd9b2d63aa7f447a10fd0220b7cbf39803c803f2af9ba256b3" source: "blocklayer/alpine-private:3.15.0@sha256:c74f1b1166784193ea6c8f9440263b9be6cae07dfe35e32a5df7a31358ac2060"
auth: [{
target: "docker.io/blocklayer/alpine-private:3.15.0"
username: "daggertest"
secret: context.secrets.dockerHubToken.contents
}]
} & { } & {
// assert result // assert result
digest: "sha256:e7d88de73db3d3fd9b2d63aa7f447a10fd0220b7cbf39803c803f2af9ba256b3" digest: "sha256:c74f1b1166784193ea6c8f9440263b9be6cae07dfe35e32a5df7a31358ac2060"
config: { config: {
Env: ["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"] Env: ["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"]
Cmd: ["/bin/sh"] Cmd: ["/bin/sh"]