reorganized spec vs implemented, reconciled gap
Signed-off-by: Richard Jones <richard@dagger.io>
This commit is contained in:
parent
498b204eb9
commit
c15a7c6d22
@ -2,50 +2,71 @@ package engine
|
|||||||
|
|
||||||
// A deployment plan executed by `dagger up`
|
// A deployment plan executed by `dagger up`
|
||||||
#Plan: {
|
#Plan: {
|
||||||
context: #Context
|
// Receive inputs from the client
|
||||||
actions: [string]: _
|
input: {
|
||||||
}
|
// Receive directories
|
||||||
|
directories: [string]: _#inputDirectory
|
||||||
// FIXME: Platform spec here
|
// Securely receive secrets
|
||||||
#Platform: string
|
secrets: [string]: _#inputSecret
|
||||||
|
|
||||||
#Context: {
|
|
||||||
// Platform to target
|
|
||||||
platform?: #Platform
|
|
||||||
|
|
||||||
// Import directories
|
|
||||||
imports: [string]: {
|
|
||||||
_type: "Import"
|
|
||||||
|
|
||||||
path: string
|
|
||||||
include?: [...string]
|
|
||||||
exclude?: [...string]
|
|
||||||
fs: #FS
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Securely load external secrets
|
// Forward network services to and from the client
|
||||||
secrets: [string]: {
|
proxy: [string]: _#proxyEndpoint
|
||||||
// Secrets can be securely mounted into action containers as a file
|
|
||||||
|
// Execute actions in containers
|
||||||
|
actions: {
|
||||||
|
...
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
_#inputDirectory: {
|
||||||
|
// Import from this path ON THE CLIENT MACHINE
|
||||||
|
// Example: "/Users/Alice/dev/todoapp/src"
|
||||||
|
_type: "LocalDirectory"
|
||||||
|
path: string
|
||||||
|
|
||||||
|
// Filename patterns to include
|
||||||
|
// Example: ["*.go", "Dockerfile"]
|
||||||
|
include?: [...string]
|
||||||
|
|
||||||
|
// Filename patterns to exclude
|
||||||
|
// Example: ["node_modules"]
|
||||||
|
exclude?: [...string]
|
||||||
|
|
||||||
|
// Imported filesystem contents
|
||||||
|
// Use this as input for actions requiring an #FS field
|
||||||
|
contents: #FS
|
||||||
|
}
|
||||||
|
|
||||||
|
// Securely receive a secret from the client
|
||||||
|
_#inputSecret: {
|
||||||
|
// Reference to the secret contents
|
||||||
|
// Use this by securely mounting it into a container.
|
||||||
|
// See universe.dagger.io/docker.#Run.mounts
|
||||||
|
// FIXME: `contents` field name causes confusion (not actually the secret contents..)
|
||||||
contents: #Secret
|
contents: #Secret
|
||||||
|
|
||||||
{
|
{
|
||||||
|
// Read secret from a file ON THE CLIENT MACHINE
|
||||||
_type: "SecretFile"
|
_type: "SecretFile"
|
||||||
// Read secret from a file
|
|
||||||
path: string
|
path: string
|
||||||
} | {
|
} | {
|
||||||
_type: "SecretEnv"
|
|
||||||
// Read secret from an environment variable ON THE CLIENT MACHINE
|
// Read secret from an environment variable ON THE CLIENT MACHINE
|
||||||
|
_type: "SecretEnv"
|
||||||
envvar: string
|
envvar: string
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
services: [string]: {
|
// Forward a network endpoint to and from the client
|
||||||
service: #Service
|
_#proxyEndpoint: {
|
||||||
|
// Service endpoint can be proxied to action containers as unix sockets
|
||||||
|
// FIXME: should #Service be renamed to #ServiceEndpoint or #Endpoint? Naming things is hard...
|
||||||
|
// FIXME: reconcile with spec
|
||||||
_type: "Service"
|
_type: "Service"
|
||||||
|
service: #Service
|
||||||
{
|
{
|
||||||
unix: string
|
unix: string
|
||||||
} | {
|
} | {
|
||||||
npipe: string
|
npipe: string
|
||||||
}
|
}
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
102
stdlib/europa/dagger/engine/spec/engine/plan.cue
Normal file
102
stdlib/europa/dagger/engine/spec/engine/plan.cue
Normal file
@ -0,0 +1,102 @@
|
|||||||
|
// The Dagger API.
|
||||||
|
package dagger
|
||||||
|
|
||||||
|
// A deployment plan executed by `dagger up`
|
||||||
|
#Plan: #DAG
|
||||||
|
|
||||||
|
// A special kind of program which `dagger` can execute.
|
||||||
|
#DAG: {
|
||||||
|
// Receive inputs from the client
|
||||||
|
input: {
|
||||||
|
// Receive directories
|
||||||
|
directories: [name=string]: _#inputDirectory
|
||||||
|
// Securely receive secrets
|
||||||
|
secrets: [name=string]: _#inputSecret
|
||||||
|
// Receive runtime parameters
|
||||||
|
params: [name=string]: _
|
||||||
|
}
|
||||||
|
|
||||||
|
// Send outputs to the client
|
||||||
|
output: {
|
||||||
|
directories: [name=string]: _#outputDirectory
|
||||||
|
}
|
||||||
|
|
||||||
|
// Forward network services to and from the client
|
||||||
|
proxy: [name=string]: _#proxyEndpoint
|
||||||
|
|
||||||
|
// Execute actions in containers
|
||||||
|
actions: {
|
||||||
|
...
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
_#inputDirectory: {
|
||||||
|
// Import from this path ON THE CLIENT MACHINE
|
||||||
|
// Example: "/Users/Alice/dev/todoapp/src"
|
||||||
|
source: string
|
||||||
|
|
||||||
|
// Filename patterns to include
|
||||||
|
// Example: ["*.go", "Dockerfile"]
|
||||||
|
include?: [...string]
|
||||||
|
|
||||||
|
// Filename patterns to exclude
|
||||||
|
// Example: ["node_modules"]
|
||||||
|
exclude?: [...string]
|
||||||
|
|
||||||
|
// Imported filesystem contents
|
||||||
|
// Use this as input for actions requiring an #FS field
|
||||||
|
contents: #FS
|
||||||
|
}
|
||||||
|
|
||||||
|
_#outputDirectory: {
|
||||||
|
// Filesystem contents to export
|
||||||
|
// Reference an #FS field produced by an action
|
||||||
|
contents: #FS
|
||||||
|
|
||||||
|
// Export to this path ON THE CLIENT MACHINE
|
||||||
|
dest: string
|
||||||
|
}
|
||||||
|
|
||||||
|
// Securely receive a secret from the client
|
||||||
|
_#inputSecret: {
|
||||||
|
// Reference to the secret contents
|
||||||
|
// Use this by securely mounting it into a container.
|
||||||
|
// See universe.dagger.io/docker.#Run.mounts
|
||||||
|
// FIXME: `contents` field name causes confusion (not actually the secret contents..)
|
||||||
|
contents: #Secret
|
||||||
|
|
||||||
|
{
|
||||||
|
// Execute a command ON THE CLIENT MACHINE and read secret from standard output
|
||||||
|
command: [string, ...string] | string
|
||||||
|
// Execute command in an interactive terminal
|
||||||
|
// for example to prompt for a passphrase
|
||||||
|
interactive: true | *false
|
||||||
|
} | {
|
||||||
|
// Read secret from a file ON THE CLIENT MACHINE
|
||||||
|
path: string
|
||||||
|
} | {
|
||||||
|
// Read secret from an environment variable ON THE CLIENT MACHINE
|
||||||
|
envvar: string
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Forward a network endpoint to and from the client
|
||||||
|
_#proxyEndpoint: {
|
||||||
|
// Service endpoint can be proxied to action containers as unix sockets
|
||||||
|
// FIXME: should #Service be renamed to #ServiceEndpoint or #Endpoint? Naming things is hard...
|
||||||
|
endpoint: #Service
|
||||||
|
|
||||||
|
{
|
||||||
|
// Listen for connections ON THE CLIENT MACHINE, proxy to actions
|
||||||
|
listen: #Address
|
||||||
|
} | {
|
||||||
|
// Connect to a remote endpoint FROM THE CLIENT MACHINE, proxy to actions
|
||||||
|
connect: #Address
|
||||||
|
} | {
|
||||||
|
// Proxy to/from the contents of a file ON THE CLIENT MACHINE
|
||||||
|
filepath: string
|
||||||
|
} | {
|
||||||
|
// Proxy to/from standard input and output of a command ON THE CLIENT MACHINE
|
||||||
|
command: [string, ...string] | string
|
||||||
|
}
|
||||||
|
}
|
@ -1,102 +1,7 @@
|
|||||||
// The Dagger API.
|
|
||||||
package dagger
|
package dagger
|
||||||
|
|
||||||
// A deployment plan executed by `dagger up`
|
import (
|
||||||
#Plan: #DAG
|
"alpha.dagger.io/europa/dagger/engine"
|
||||||
|
)
|
||||||
|
|
||||||
// A special kind of program which `dagger` can execute.
|
#Plan: engine.#Plan
|
||||||
#DAG: {
|
|
||||||
// Receive inputs from the client
|
|
||||||
input: {
|
|
||||||
// Receive directories
|
|
||||||
directories: [name=string]: _#inputDirectory
|
|
||||||
// Securely receive secrets
|
|
||||||
secrets: [name=string]: _#inputSecret
|
|
||||||
// Receive runtime parameters
|
|
||||||
params: [name=string]: _
|
|
||||||
}
|
|
||||||
|
|
||||||
// Send outputs to the client
|
|
||||||
output: {
|
|
||||||
directories: [name=string]: _#outputDirectory
|
|
||||||
}
|
|
||||||
|
|
||||||
// Forward network services to and from the client
|
|
||||||
proxy: [name=string]: _#proxyEndpoint
|
|
||||||
|
|
||||||
// Execute actions in containers
|
|
||||||
actions: {
|
|
||||||
...
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
_#inputDirectory: {
|
|
||||||
// Import from this path ON THE CLIENT MACHINE
|
|
||||||
// Example: "/Users/Alice/dev/todoapp/src"
|
|
||||||
source: string
|
|
||||||
|
|
||||||
// Filename patterns to include
|
|
||||||
// Example: ["*.go", "Dockerfile"]
|
|
||||||
include?: [...string]
|
|
||||||
|
|
||||||
// Filename patterns to exclude
|
|
||||||
// Example: ["node_modules"]
|
|
||||||
exclude?: [...string]
|
|
||||||
|
|
||||||
// Imported filesystem contents
|
|
||||||
// Use this as input for actions requiring an #FS field
|
|
||||||
contents: #FS
|
|
||||||
}
|
|
||||||
|
|
||||||
_#outputDirectory: {
|
|
||||||
// Filesystem contents to export
|
|
||||||
// Reference an #FS field produced by an action
|
|
||||||
contents: #FS
|
|
||||||
|
|
||||||
// Export to this path ON THE CLIENT MACHINE
|
|
||||||
dest: string
|
|
||||||
}
|
|
||||||
|
|
||||||
// Securely receive a secret from the client
|
|
||||||
_#inputSecret: {
|
|
||||||
// Reference to the secret contents
|
|
||||||
// Use this by securely mounting it into a container.
|
|
||||||
// See universe.dagger.io/docker.#Run.mounts
|
|
||||||
// FIXME: `contents` field name causes confusion (not actually the secret contents..)
|
|
||||||
contents: #Secret
|
|
||||||
|
|
||||||
{
|
|
||||||
// Execute a command ON THE CLIENT MACHINE and read secret from standard output
|
|
||||||
command: [string, ...string] | string
|
|
||||||
// Execute command in an interactive terminal
|
|
||||||
// for example to prompt for a passphrase
|
|
||||||
interactive: true | *false
|
|
||||||
} | {
|
|
||||||
// Read secret from a file ON THE CLIENT MACHINE
|
|
||||||
path: string
|
|
||||||
} | {
|
|
||||||
// Read secret from an environment variable ON THE CLIENT MACHINE
|
|
||||||
envvar: string
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Forward a network endpoint to and from the client
|
|
||||||
_#proxyEndpoint: {
|
|
||||||
// Service endpoint can be proxied to action containers as unix sockets
|
|
||||||
// FIXME: should #Service be renamed to #ServiceEndpoint or #Endpoint? Naming things is hard...
|
|
||||||
endpoint: #Service
|
|
||||||
|
|
||||||
{
|
|
||||||
// Listen for connections ON THE CLIENT MACHINE, proxy to actions
|
|
||||||
listen: #Address
|
|
||||||
} | {
|
|
||||||
// Connect to a remote endpoint FROM THE CLIENT MACHINE, proxy to actions
|
|
||||||
connect: #Address
|
|
||||||
} | {
|
|
||||||
// Proxy to/from the contents of a file ON THE CLIENT MACHINE
|
|
||||||
filepath: string
|
|
||||||
} | {
|
|
||||||
// Proxy to/from standard input and output of a command ON THE CLIENT MACHINE
|
|
||||||
command: [string, ...string] | string
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,7 +1,7 @@
|
|||||||
package dagger
|
package dagger
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"alpha.dagger.io/europa/dagger/engine/spec/engine"
|
"alpha.dagger.io/europa/dagger/engine"
|
||||||
)
|
)
|
||||||
|
|
||||||
// A reference to a filesystem tree.
|
// A reference to a filesystem tree.
|
||||||
@ -20,17 +20,9 @@ import (
|
|||||||
// by a special filesystem mount designed to minimize leak risk.
|
// by a special filesystem mount designed to minimize leak risk.
|
||||||
#Secret: engine.#Secret
|
#Secret: engine.#Secret
|
||||||
|
|
||||||
// A reference to a stream of bytes, for example:
|
|
||||||
// - The standard output or error stream of a command
|
|
||||||
// - The standard input stream of a command
|
|
||||||
// - The contents of a file or named pipe
|
|
||||||
#Stream: engine.#Stream
|
|
||||||
|
|
||||||
// A reference to a network service endpoint, for example:
|
// A reference to a network service endpoint, for example:
|
||||||
// - A TCP or UDP port
|
// - A TCP or UDP port
|
||||||
// - A unix socket
|
// - A unix socket
|
||||||
// - An HTTPS endpoint
|
// - An HTTPS endpoint
|
||||||
#Service: engine.#Service
|
#Service: engine.#Service
|
||||||
|
|
||||||
// A network service address
|
|
||||||
#Address: string & =~"^(tcp://|unix://|udp://).*"
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
package dagger
|
package dagger
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"alpha.dagger.io/europa/dagger/engine/spec/engine"
|
"alpha.dagger.io/europa/dagger/engine"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Select a subdirectory from a filesystem tree
|
// Select a subdirectory from a filesystem tree
|
||||||
|
Reference in New Issue
Block a user