Improve #docker.Push definition :

- Push to private registry
- Output ref and digest
- Update doc
- Add tests to universe.bats

Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
This commit is contained in:
Tom Chauveau 2021-06-12 17:11:27 +02:00
parent 535bbb68fb
commit b1ed40ffed
12 changed files with 297 additions and 13 deletions

View File

@ -70,18 +70,24 @@ _No output._
## docker.#Push
Push a docker image
Push a docker image to remote registry
### docker.#Push Inputs
| Name | Type | Description |
| ------------- |:-------------: |:-------------: |
|*ref* | `string` |Remote ref (example: "index.docker.io/alpine:latest") |
|*source* | `dagger.#Artifact` |Image |
|*name* | `string` |Remote name (example: "index.docker.io/alpine:latest") |
|*source* | `dagger.#Artifact` |Image source |
|*registry.target* | `*"https://index.docker.io/v1/" \| string` |Remote registry |
|*registry.username* | `string` |Username |
|*registry.secret* | `(string\|bytes)` |Password or secret |
### docker.#Push Outputs
_No output._
| Name | Type | Description |
| ------------- |:-------------: |:-------------: |
|*out.ref* | `string` |Image ref |
|*out.digest* | `string` |Image digest |
## docker.#Run

View File

@ -0,0 +1,2 @@
# dagger state
state/**

View File

@ -0,0 +1,26 @@
package docker
import (
"dagger.io/docker"
"dagger.io/dagger/op"
"dagger.io/alpine"
)
ref: string @dagger(input)
TestPull: {
pull: docker.#Pull & {from: ref}
check: #up: [
op.#Load & {from: alpine.#Image},
op.#Exec & {
always: true
args: [
"sh", "-c", """
grep -q "test" /src/test.txt
""",
]
mount: "/src": from: pull
},
]
}

View File

@ -0,0 +1,24 @@
name: docker-pull
inputs:
ref:
text: docker.io/daggerio/ci-test:qhkmeqmhmnqn@sha256:96640793ed325f893608508f1b60b9c19b547c178e45639a249989545894eed4
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0WFI2ZGFUOWgvNkdlZ3Na
dEE5dTlVQi8vUVJqcHUxWE9GSmdnNmZLMHhRCm1sbFlJbEw1ZVFSVXU4MCtkT09l
dVR1WE5XUkVpSXA3aXN5TzZLaWJRNnMKLS0tIDZINGpzODdXVUdKVVpFMjFUbUFO
SG1raUVNTzZIWDltV1pOS3hySHlJeWcKg3blmstOGcxtPww513+mAEA0MWOXwNAT
5ngRvG6MraW3g9dhIuUYOwjuJyz1Z07/DBEocSxnjSyw45ZCkM1/9Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2021-06-12T15:01:07Z"
mac: ENC[AES256_GCM,data:kmryJiX4cnZTeyRcH+TljCj+m5kEA4yPu0gQkqS3apEolfNFWzkdlvRS2P+9EYO19iT1FxpNRwrs+G9qGeISubc48u2++Yb/mAUU4ilIu8flIPs3s63Ep8FeRv+hI3Govljjbjyds+3mR+o0Iv+KhpKBPDboXyRpWGlIijpBzLQ=,iv:ROAK7qmGn0jWDZp8uPLVbReqdgO9qw8EESkYdPjxLDk=,tag:8CrydkWN9xtJX8yItgjz+A==,type:str]
pgp: []
encrypted_suffix: secret
version: 3.7.1

View File

@ -0,0 +1,2 @@
# dagger state
state/**

View File

@ -0,0 +1,34 @@
package docker
import (
"dagger.io/docker"
"dagger.io/random"
)
TestRegistry: {
username: string @dagger(input)
secret: string @dagger(input)
}
TestPush: {
tag: random.#String & {seed: "docker push and pull should fail"}
name: "daggerio/ci-test:\(tag.out)"
image: docker.#ImageFromDockerfile & {
dockerfile: """
FROM alpine
RUN echo "test" > /test.txt
"""
context: ""
}
push: docker.#Push & {
"name": name
source: image
registry: {
username: TestRegistry.username
secret: TestRegistry.secret
}
}
}

View File

@ -0,0 +1,26 @@
name: docker-push-invalid-creds
inputs:
TestRegistry.secret:
text: ENC[AES256_GCM,data:QOkT,iv:MUV92Llmt8pskd1AUjnvpQ+B3Ws1wLKIuzy7SVhHRME=,tag:StNvPnmz89GcLb1Cro3O9g==,type:str]
TestRegistry.username:
text: john
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3MC9DZGU1Tm5Ta2ttNUph
ZGxZaGxLMklRRWVaVmtzdEdqbnlkYmIvK2hNClVKd2RCak1GYXlvZWQxaHlzQUNw
Y2czeEdXZnQxT2dVQ01GY0NTcGNkMnMKLS0tIGwwa0xXVEZQUVUzdUpOQUJFTUxy
ZzZNNk1xb0F4cWVQRjh4aUJSUzExd2cKl0Ka0Qcc2KNOQjl3Bhnb1sGuJCZ6iDs4
Hz2EldaxWJHZxuS18uNC38NxufG02ULJqJb2QC4cOzPrTeeKVE6Qlg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2021-06-12T15:03:49Z"
mac: ENC[AES256_GCM,data:o2fTjTnDgSX4f2jSjs1LSKJ7eTrTmFV44gyZdYCdYnb6eyXpFuT4Bru8ERuJlTvUSc3wx4js14BlxS3T0tX0aBV39ScBlzQOC4Ulyvh4KOKEH9uUl7YmGrFlNH4yQ7DYoezxCqwxlLZGavDaSXUszvKWlcdMsTm3L/4LkfHQzWk=,iv:E1gyYQ0+02bIQguvN0w+wp8RS6uyT17tXp18e5riXmg=,tag:Azjz4ZivYmjC/7eMc6SfSQ==,type:str]
pgp: []
encrypted_suffix: secret
version: 3.7.1

View File

@ -0,0 +1,2 @@
# dagger state
state/**

View File

@ -0,0 +1,63 @@
package docker
import (
"dagger.io/dagger/op"
"dagger.io/dagger"
"dagger.io/docker"
"dagger.io/alpine"
"dagger.io/random"
)
TestRegistry: {
username: string @dagger(input)
secret: dagger.#Secret @dagger(input)
}
#TestGetSecret: {
secret: dagger.#Artifact
out: {
string
#up: [
op.#Load & {from: alpine.#Image},
op.#Exec & {
always: true
args: ["sh", "-c", "cp /input/secret /secret"]
mount: "/input/secret": "secret": secret
},
op.#Export & {
source: "/secret"
},
]
}
}
TestPush: {
tag: random.#String & {seed: "docker push and pull"}
name: "daggerio/ci-test:\(tag.out)"
secret: #TestGetSecret & {
secret: TestRegistry.secret
}
image: docker.#ImageFromDockerfile & {
dockerfile: """
FROM alpine
RUN echo "test" > /test.txt
"""
context: ""
}
push: docker.#Push & {
"name": name
source: image
registry: {
username: TestRegistry.username
"secret": secret.out
}
}
}

View File

@ -0,0 +1,26 @@
name: docker-push
inputs:
TestRegistry.secret:
secret: ENC[AES256_GCM,data:ooc+0IjYtX9tkM7q1i4Ws6CorZsWtGQzHbjGx+j892iTZC7Q,iv:asdJzuRAHBRhD/FlkEd1VvX1tIz/qupBL7sMQWxZL5E=,tag:yuTyDx7hZeC+cmHx6tspmQ==,type:str]
TestRegistry.username:
text: daggertest
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrcnpRZ203QzhtKzc3bzF4
Y002V0JUUnNZMks2VS83SjBOdVZid1dxbTJjCmc5VGtvM3lOejEvQ3VMZ1ZyZElZ
Skd3ZWxRMHdQRHdtZFBYUFMweDFlL28KLS0tIHhHeUh4a2gvb2w3UTEyNFZaK0dS
UjFJYTc1UUUzSFVkZjQ2blRsSGpVdVEKOanMR3+WlAgoDfqTUW7WPW1ytT3NdkTX
4Rqo49QmnuKFJ9tKoBFQOqgIo8E/lpcOkeIUiy5e/35FvsZ/KFk/pg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2021-06-12T13:31:57Z"
mac: ENC[AES256_GCM,data:TrLGfqDj3lvZKroaPtlDuR0Ki+yoFDYFqIhW+g7iasVOzvDaqHepX8X/aLiHX+XHdTqGH6ehfu1k1BSaz6xKqqdIai9NIyokgIKXR1F5mRgK/aDhc6x/YvX3dSl79/4zBBblDpYNFhCarQMxeTSFP9GfW+e0+T/z10fHHlQub8o=,iv:Pab2qkZTqP/6j4LV0B97SACQm/UZPMkeahGjZLJ2fFg=,tag:r4IW1WRipuC/MdtwEzzEpA==,type:str]
pgp: []
encrypted_suffix: secret
version: 3.7.1

View File

@ -3,6 +3,7 @@ package docker
import (
"alpha.dagger.io/dagger"
"alpha.dagger.io/alpine"
"alpha.dagger.io/dagger/op"
)
@ -28,18 +29,73 @@ import (
]
}
// Push a docker image
// Push a docker image to remote registry
#Push: {
// Remote ref (example: "index.docker.io/alpine:latest")
ref: string @dagger(input)
// Remote name (example: "index.docker.io/alpine:latest")
name: string @dagger(input)
// Image
// Image source
source: dagger.#Artifact @dagger(input)
#up: [
// Image registry
registry: {
// Remote registry
target: string | *"https://index.docker.io/v1/" @dagger(input)
// Username
username: string @dagger(input)
// Password or secret
secret: string | bytes @dagger(input)
}
push: #up: [
op.#Load & {from: source},
op.#PushContainer & {"ref": ref},
if registry != _|_ {
op.#DockerLogin & {
target: registry.target
username: registry.username
secret: registry.secret
}
},
op.#PushContainer & {ref: name},
op.#Subdir & {dir: "/dagger"},
]
out: {
// Image ref
ref: string @dagger(output)
// Image digest
digest: string @dagger(output)
#up: [
op.#Load & {from: alpine.#Image & {
package: {
bash: true
jq: true
}
}},
op.#Exec & {
always: true
args: ["/bin/bash", "-c", #"""
jq --arg key0 'ref' --arg value0 $(cat /dagger/image_ref) \
--arg key1 'digest' --arg value1 $(cat /dagger/image_digest) \
'. | .[$key0]=$value0 | .[$key1]=$value1 '<<< '{}' > /out
"""#,
]
mount: "/dagger": from: push
},
op.#Export & {
source: "/out"
format: "json"
},
]
}
}
#Run: {

View File

@ -62,6 +62,23 @@ setup() {
dagger -e docker-build up
}
@test "docker push and pull" {
# Push image
dagger -e docker-push up
# Get image reference
dagger -e docker-pull input text ref "$(dagger -e docker-push query -c TestPush.push.out.ref | tr -d '\n' | tr -d '\"')"
# Pull image
dagger -e docker-pull up
}
@test "docker push and pull: invalid credential" {
# Push image (SHOULD FAIL)
run docker -e docker-push-invalid-creds up
assert_failure
}
@test "docker command: ssh" {
dagger -e docker-command-ssh up
}