Improve #docker.Push definition :
- Push to private registry - Output ref and digest - Update doc - Add tests to universe.bats Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
This commit is contained in:
parent
535bbb68fb
commit
b1ed40ffed
@ -70,18 +70,24 @@ _No output._
|
||||
|
||||
## docker.#Push
|
||||
|
||||
Push a docker image
|
||||
Push a docker image to remote registry
|
||||
|
||||
### docker.#Push Inputs
|
||||
|
||||
| Name | Type | Description |
|
||||
| ------------- |:-------------: |:-------------: |
|
||||
|*ref* | `string` |Remote ref (example: "index.docker.io/alpine:latest") |
|
||||
|*source* | `dagger.#Artifact` |Image |
|
||||
| Name | Type | Description |
|
||||
| ------------- |:-------------: |:-------------: |
|
||||
|*name* | `string` |Remote name (example: "index.docker.io/alpine:latest") |
|
||||
|*source* | `dagger.#Artifact` |Image source |
|
||||
|*registry.target* | `*"https://index.docker.io/v1/" \| string` |Remote registry |
|
||||
|*registry.username* | `string` |Username |
|
||||
|*registry.secret* | `(string\|bytes)` |Password or secret |
|
||||
|
||||
### docker.#Push Outputs
|
||||
|
||||
_No output._
|
||||
| Name | Type | Description |
|
||||
| ------------- |:-------------: |:-------------: |
|
||||
|*out.ref* | `string` |Image ref |
|
||||
|*out.digest* | `string` |Image digest |
|
||||
|
||||
## docker.#Run
|
||||
|
||||
|
2
stdlib/.dagger/env/docker-pull/.gitignore
vendored
Normal file
2
stdlib/.dagger/env/docker-pull/.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
# dagger state
|
||||
state/**
|
26
stdlib/.dagger/env/docker-pull/plan/pull.cue
vendored
Normal file
26
stdlib/.dagger/env/docker-pull/plan/pull.cue
vendored
Normal file
@ -0,0 +1,26 @@
|
||||
package docker
|
||||
|
||||
import (
|
||||
"dagger.io/docker"
|
||||
"dagger.io/dagger/op"
|
||||
"dagger.io/alpine"
|
||||
)
|
||||
|
||||
ref: string @dagger(input)
|
||||
|
||||
TestPull: {
|
||||
pull: docker.#Pull & {from: ref}
|
||||
|
||||
check: #up: [
|
||||
op.#Load & {from: alpine.#Image},
|
||||
op.#Exec & {
|
||||
always: true
|
||||
args: [
|
||||
"sh", "-c", """
|
||||
grep -q "test" /src/test.txt
|
||||
""",
|
||||
]
|
||||
mount: "/src": from: pull
|
||||
},
|
||||
]
|
||||
}
|
24
stdlib/.dagger/env/docker-pull/values.yaml
vendored
Normal file
24
stdlib/.dagger/env/docker-pull/values.yaml
vendored
Normal file
@ -0,0 +1,24 @@
|
||||
name: docker-pull
|
||||
inputs:
|
||||
ref:
|
||||
text: docker.io/daggerio/ci-test:qhkmeqmhmnqn@sha256:96640793ed325f893608508f1b60b9c19b547c178e45639a249989545894eed4
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0WFI2ZGFUOWgvNkdlZ3Na
|
||||
dEE5dTlVQi8vUVJqcHUxWE9GSmdnNmZLMHhRCm1sbFlJbEw1ZVFSVXU4MCtkT09l
|
||||
dVR1WE5XUkVpSXA3aXN5TzZLaWJRNnMKLS0tIDZINGpzODdXVUdKVVpFMjFUbUFO
|
||||
SG1raUVNTzZIWDltV1pOS3hySHlJeWcKg3blmstOGcxtPww513+mAEA0MWOXwNAT
|
||||
5ngRvG6MraW3g9dhIuUYOwjuJyz1Z07/DBEocSxnjSyw45ZCkM1/9Q==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2021-06-12T15:01:07Z"
|
||||
mac: ENC[AES256_GCM,data:kmryJiX4cnZTeyRcH+TljCj+m5kEA4yPu0gQkqS3apEolfNFWzkdlvRS2P+9EYO19iT1FxpNRwrs+G9qGeISubc48u2++Yb/mAUU4ilIu8flIPs3s63Ep8FeRv+hI3Govljjbjyds+3mR+o0Iv+KhpKBPDboXyRpWGlIijpBzLQ=,iv:ROAK7qmGn0jWDZp8uPLVbReqdgO9qw8EESkYdPjxLDk=,tag:8CrydkWN9xtJX8yItgjz+A==,type:str]
|
||||
pgp: []
|
||||
encrypted_suffix: secret
|
||||
version: 3.7.1
|
2
stdlib/.dagger/env/docker-push-invalid-creds/.gitignore
vendored
Normal file
2
stdlib/.dagger/env/docker-push-invalid-creds/.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
# dagger state
|
||||
state/**
|
34
stdlib/.dagger/env/docker-push-invalid-creds/plan/push.cue
vendored
Normal file
34
stdlib/.dagger/env/docker-push-invalid-creds/plan/push.cue
vendored
Normal file
@ -0,0 +1,34 @@
|
||||
package docker
|
||||
|
||||
import (
|
||||
"dagger.io/docker"
|
||||
"dagger.io/random"
|
||||
)
|
||||
|
||||
TestRegistry: {
|
||||
username: string @dagger(input)
|
||||
secret: string @dagger(input)
|
||||
}
|
||||
|
||||
TestPush: {
|
||||
tag: random.#String & {seed: "docker push and pull should fail"}
|
||||
|
||||
name: "daggerio/ci-test:\(tag.out)"
|
||||
|
||||
image: docker.#ImageFromDockerfile & {
|
||||
dockerfile: """
|
||||
FROM alpine
|
||||
RUN echo "test" > /test.txt
|
||||
"""
|
||||
context: ""
|
||||
}
|
||||
|
||||
push: docker.#Push & {
|
||||
"name": name
|
||||
source: image
|
||||
registry: {
|
||||
username: TestRegistry.username
|
||||
secret: TestRegistry.secret
|
||||
}
|
||||
}
|
||||
}
|
26
stdlib/.dagger/env/docker-push-invalid-creds/values.yaml
vendored
Normal file
26
stdlib/.dagger/env/docker-push-invalid-creds/values.yaml
vendored
Normal file
@ -0,0 +1,26 @@
|
||||
name: docker-push-invalid-creds
|
||||
inputs:
|
||||
TestRegistry.secret:
|
||||
text: ENC[AES256_GCM,data:QOkT,iv:MUV92Llmt8pskd1AUjnvpQ+B3Ws1wLKIuzy7SVhHRME=,tag:StNvPnmz89GcLb1Cro3O9g==,type:str]
|
||||
TestRegistry.username:
|
||||
text: john
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB3MC9DZGU1Tm5Ta2ttNUph
|
||||
ZGxZaGxLMklRRWVaVmtzdEdqbnlkYmIvK2hNClVKd2RCak1GYXlvZWQxaHlzQUNw
|
||||
Y2czeEdXZnQxT2dVQ01GY0NTcGNkMnMKLS0tIGwwa0xXVEZQUVUzdUpOQUJFTUxy
|
||||
ZzZNNk1xb0F4cWVQRjh4aUJSUzExd2cKl0Ka0Qcc2KNOQjl3Bhnb1sGuJCZ6iDs4
|
||||
Hz2EldaxWJHZxuS18uNC38NxufG02ULJqJb2QC4cOzPrTeeKVE6Qlg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2021-06-12T15:03:49Z"
|
||||
mac: ENC[AES256_GCM,data:o2fTjTnDgSX4f2jSjs1LSKJ7eTrTmFV44gyZdYCdYnb6eyXpFuT4Bru8ERuJlTvUSc3wx4js14BlxS3T0tX0aBV39ScBlzQOC4Ulyvh4KOKEH9uUl7YmGrFlNH4yQ7DYoezxCqwxlLZGavDaSXUszvKWlcdMsTm3L/4LkfHQzWk=,iv:E1gyYQ0+02bIQguvN0w+wp8RS6uyT17tXp18e5riXmg=,tag:Azjz4ZivYmjC/7eMc6SfSQ==,type:str]
|
||||
pgp: []
|
||||
encrypted_suffix: secret
|
||||
version: 3.7.1
|
2
stdlib/.dagger/env/docker-push/.gitignore
vendored
Normal file
2
stdlib/.dagger/env/docker-push/.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
# dagger state
|
||||
state/**
|
63
stdlib/.dagger/env/docker-push/plan/push.cue
vendored
Normal file
63
stdlib/.dagger/env/docker-push/plan/push.cue
vendored
Normal file
@ -0,0 +1,63 @@
|
||||
package docker
|
||||
|
||||
import (
|
||||
"dagger.io/dagger/op"
|
||||
"dagger.io/dagger"
|
||||
"dagger.io/docker"
|
||||
"dagger.io/alpine"
|
||||
"dagger.io/random"
|
||||
)
|
||||
|
||||
TestRegistry: {
|
||||
username: string @dagger(input)
|
||||
secret: dagger.#Secret @dagger(input)
|
||||
}
|
||||
|
||||
#TestGetSecret: {
|
||||
secret: dagger.#Artifact
|
||||
|
||||
out: {
|
||||
string
|
||||
|
||||
#up: [
|
||||
op.#Load & {from: alpine.#Image},
|
||||
|
||||
op.#Exec & {
|
||||
always: true
|
||||
args: ["sh", "-c", "cp /input/secret /secret"]
|
||||
mount: "/input/secret": "secret": secret
|
||||
},
|
||||
|
||||
op.#Export & {
|
||||
source: "/secret"
|
||||
},
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
TestPush: {
|
||||
tag: random.#String & {seed: "docker push and pull"}
|
||||
|
||||
name: "daggerio/ci-test:\(tag.out)"
|
||||
|
||||
secret: #TestGetSecret & {
|
||||
secret: TestRegistry.secret
|
||||
}
|
||||
|
||||
image: docker.#ImageFromDockerfile & {
|
||||
dockerfile: """
|
||||
FROM alpine
|
||||
RUN echo "test" > /test.txt
|
||||
"""
|
||||
context: ""
|
||||
}
|
||||
|
||||
push: docker.#Push & {
|
||||
"name": name
|
||||
source: image
|
||||
registry: {
|
||||
username: TestRegistry.username
|
||||
"secret": secret.out
|
||||
}
|
||||
}
|
||||
}
|
26
stdlib/.dagger/env/docker-push/values.yaml
vendored
Normal file
26
stdlib/.dagger/env/docker-push/values.yaml
vendored
Normal file
@ -0,0 +1,26 @@
|
||||
name: docker-push
|
||||
inputs:
|
||||
TestRegistry.secret:
|
||||
secret: ENC[AES256_GCM,data:ooc+0IjYtX9tkM7q1i4Ws6CorZsWtGQzHbjGx+j892iTZC7Q,iv:asdJzuRAHBRhD/FlkEd1VvX1tIz/qupBL7sMQWxZL5E=,tag:yuTyDx7hZeC+cmHx6tspmQ==,type:str]
|
||||
TestRegistry.username:
|
||||
text: daggertest
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1gxwmtwahzwdmrskhf90ppwlnze30lgpm056kuesrxzeuyclrwvpsupwtpk
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrcnpRZ203QzhtKzc3bzF4
|
||||
Y002V0JUUnNZMks2VS83SjBOdVZid1dxbTJjCmc5VGtvM3lOejEvQ3VMZ1ZyZElZ
|
||||
Skd3ZWxRMHdQRHdtZFBYUFMweDFlL28KLS0tIHhHeUh4a2gvb2w3UTEyNFZaK0dS
|
||||
UjFJYTc1UUUzSFVkZjQ2blRsSGpVdVEKOanMR3+WlAgoDfqTUW7WPW1ytT3NdkTX
|
||||
4Rqo49QmnuKFJ9tKoBFQOqgIo8E/lpcOkeIUiy5e/35FvsZ/KFk/pg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2021-06-12T13:31:57Z"
|
||||
mac: ENC[AES256_GCM,data:TrLGfqDj3lvZKroaPtlDuR0Ki+yoFDYFqIhW+g7iasVOzvDaqHepX8X/aLiHX+XHdTqGH6ehfu1k1BSaz6xKqqdIai9NIyokgIKXR1F5mRgK/aDhc6x/YvX3dSl79/4zBBblDpYNFhCarQMxeTSFP9GfW+e0+T/z10fHHlQub8o=,iv:Pab2qkZTqP/6j4LV0B97SACQm/UZPMkeahGjZLJ2fFg=,tag:r4IW1WRipuC/MdtwEzzEpA==,type:str]
|
||||
pgp: []
|
||||
encrypted_suffix: secret
|
||||
version: 3.7.1
|
@ -3,6 +3,7 @@ package docker
|
||||
|
||||
import (
|
||||
"alpha.dagger.io/dagger"
|
||||
"alpha.dagger.io/alpine"
|
||||
"alpha.dagger.io/dagger/op"
|
||||
)
|
||||
|
||||
@ -28,18 +29,73 @@ import (
|
||||
]
|
||||
}
|
||||
|
||||
// Push a docker image
|
||||
// Push a docker image to remote registry
|
||||
#Push: {
|
||||
// Remote ref (example: "index.docker.io/alpine:latest")
|
||||
ref: string @dagger(input)
|
||||
// Remote name (example: "index.docker.io/alpine:latest")
|
||||
name: string @dagger(input)
|
||||
|
||||
// Image
|
||||
// Image source
|
||||
source: dagger.#Artifact @dagger(input)
|
||||
|
||||
#up: [
|
||||
op.#Load & {from: source},
|
||||
op.#PushContainer & {"ref": ref},
|
||||
// Image registry
|
||||
registry: {
|
||||
// Remote registry
|
||||
target: string | *"https://index.docker.io/v1/" @dagger(input)
|
||||
|
||||
// Username
|
||||
username: string @dagger(input)
|
||||
|
||||
// Password or secret
|
||||
secret: string | bytes @dagger(input)
|
||||
}
|
||||
|
||||
push: #up: [
|
||||
op.#Load & {from: source},
|
||||
|
||||
if registry != _|_ {
|
||||
op.#DockerLogin & {
|
||||
target: registry.target
|
||||
username: registry.username
|
||||
secret: registry.secret
|
||||
}
|
||||
},
|
||||
|
||||
op.#PushContainer & {ref: name},
|
||||
op.#Subdir & {dir: "/dagger"},
|
||||
]
|
||||
|
||||
out: {
|
||||
// Image ref
|
||||
ref: string @dagger(output)
|
||||
|
||||
// Image digest
|
||||
digest: string @dagger(output)
|
||||
|
||||
#up: [
|
||||
op.#Load & {from: alpine.#Image & {
|
||||
package: {
|
||||
bash: true
|
||||
jq: true
|
||||
}
|
||||
}},
|
||||
|
||||
op.#Exec & {
|
||||
always: true
|
||||
args: ["/bin/bash", "-c", #"""
|
||||
jq --arg key0 'ref' --arg value0 $(cat /dagger/image_ref) \
|
||||
--arg key1 'digest' --arg value1 $(cat /dagger/image_digest) \
|
||||
'. | .[$key0]=$value0 | .[$key1]=$value1 '<<< '{}' > /out
|
||||
"""#,
|
||||
]
|
||||
mount: "/dagger": from: push
|
||||
},
|
||||
|
||||
op.#Export & {
|
||||
source: "/out"
|
||||
format: "json"
|
||||
},
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
#Run: {
|
||||
|
@ -62,6 +62,23 @@ setup() {
|
||||
dagger -e docker-build up
|
||||
}
|
||||
|
||||
@test "docker push and pull" {
|
||||
# Push image
|
||||
dagger -e docker-push up
|
||||
|
||||
# Get image reference
|
||||
dagger -e docker-pull input text ref "$(dagger -e docker-push query -c TestPush.push.out.ref | tr -d '\n' | tr -d '\"')"
|
||||
|
||||
# Pull image
|
||||
dagger -e docker-pull up
|
||||
}
|
||||
|
||||
@test "docker push and pull: invalid credential" {
|
||||
# Push image (SHOULD FAIL)
|
||||
run docker -e docker-push-invalid-creds up
|
||||
assert_failure
|
||||
}
|
||||
|
||||
@test "docker command: ssh" {
|
||||
dagger -e docker-command-ssh up
|
||||
}
|
||||
|
Reference in New Issue
Block a user