Merge pull request #480 from TomChv/docker-run

Add #Run definition to docker package

stdlib/docker/client.cue

@@ -0,0 +1,18 @@
+package docker
+
+import (
+	"dagger.io/dagger/op"
+	"dagger.io/alpine"
+)
+
+#Client: #up: [
+	op.#Load & {
+		from: alpine.#Image & {
+			package: bash:             true
+			package: jq:               true
+			package: curl:             true
+			package: "openssh-client": true
+			package: "docker-cli":     true
+		}
+	},
+]

stdlib/docker/docker.cue

@@ -41,7 +41,140 @@ import (
 	]
 }
 
-// FIXME: #Run
+#Run: {
+	// Remote host
+	host: string @dagger(input)
+
+	// Remote user
+	user: string @dagger(input)
+
+	// Ssh remote port
+	port: *22 | int @dagger(input)
+
+	// Ssh private key
+	key: dagger.#Artifact @dagger(input)
+
+	// User fingerprint
+	fingerprint?: string @dagger(input)
+
+	// Ssh passphrase
+	passphrase?: string @dagger(input)
+
+	// Image reference (e.g: nginx:alpine)
+	ref: string @dagger(input)
+
+	// Container name
+	name?: string @dagger(input)
+
+	// Image registry
+	registry?: {
+		target:   string
+		username: string
+		secret:   dagger.#Secret
+	} @dagger(input)
+
+	#code: #"""
+	export DOCKER_HOST="ssh://$DOCKER_USERNAME@$DOCKER_HOSTNAME:\#(port)"
+
+	# Start ssh-agent
+	eval $(ssh-agent) > /dev/null
+
+	# Add key
+	message="$(ssh-keygen -y -f /key < /dev/null 2>&1)" || {
+		>&2 echo "$message"
+		exit 1
+	}
+
+	ssh-add /key > /dev/null
+	if [ "$?" != 0 ]; then
+		exit 1
+	fi
+
+	if [[ ! -z $FINGERPRINT ]]; then
+		mkdir -p "$HOME"/.ssh
+
+		# Add user's fingerprint to known hosts
+		echo "$FINGERPRINT" >> "$HOME"/.ssh/known_hosts
+	else
+		# Add host to known hosts
+		ssh -i /key -o "UserKnownHostsFile "$HOME"/.ssh/known_hosts" -o "StrictHostKeyChecking accept-new" -p \#(port) "$DOCKER_USERNAME"@"$DOCKER_HOSTNAME" /bin/true > /dev/null 2>&1
+	fi
+
+
+	# Run detach container
+	OPTS=""
+
+	if [ ! -z "$CONTAINER_NAME" ]; then
+		OPTS="$OPTS --name $CONTAINER_NAME"
+	fi
+
+	docker container run -d $OPTS \#(ref)
+	"""#
+
+	#up: [
+		op.#Load & {from: #Client},
+
+		op.#WriteFile & {
+			content: key
+			dest:    "/key"
+			mode:    0o400
+		},
+
+		if registry != _|_ {
+			op.#DockerLogin & {registry}
+		},
+
+		if passphrase != _|_ {
+			op.#WriteFile & {
+				content: passphrase
+				dest:    "/passphrase"
+				mode:    0o400
+			}
+		},
+
+		if passphrase != _|_ {
+			op.#WriteFile & {
+				content: #"""
+					#!/bin/bash
+					cat /passphrase
+					"""#
+				dest: "/get_passphrase"
+				mode: 0o500
+			}
+		},
+
+		op.#WriteFile & {
+			content: #code
+			dest:    "/entrypoint.sh"
+		},
+
+		op.#Exec & {
+			always: true
+			args: [
+				"/bin/sh",
+				"--noprofile",
+				"--norc",
+				"-eo",
+				"pipefail",
+				"/entrypoint.sh",
+			]
+			env: {
+				DOCKER_HOSTNAME: host
+				DOCKER_USERNAME: user
+				if passphrase != _|_ {
+					SSH_ASKPASS: "/get_passphrase"
+					DISPLAY:     "1"
+				}
+				if name != _|_ {
+					CONTAINER_NAME: name
+				}
+				if fingerprint != _|_ {
+					FINGERPRINT: fingerprint
+				}
+			}
+		},
+	]
+}
 
 // Build a Docker image from the provided Dockerfile contents
 // FIXME: incorporate into #Build