Europa: integrate core packages, separate universe

Signed-off-by: Solomon Hykes <solomon@dagger.io>

stdlib/europa/dagger/engine/image.cue

@@ -0,0 +1,45 @@
+package engine
+
+// A ref is an address for a remote container image
+//
+// Examples:
+//   - "index.docker.io/dagger"
+//   - "dagger"
+//   - "index.docker.io/dagger:latest"
+//   - "index.docker.io/dagger:latest@sha256:a89cb097693dd354de598d279c304a1c73ee550fbfff6d9ee515568e0c749cfe"
+#Ref: string
+
+// Container image config. See [OCI](https://www.opencontainers.org/).
+// Spec left open on purpose to account for additional fields.
+// [Image Spec](https://github.com/opencontainers/image-spec/blob/main/specs-go/v1/config.go)
+// [Docker Superset](https://github.com/moby/buildkit/blob/master/frontend/dockerfile/dockerfile2llb/image.go)
+#ImageConfig: {
+	Env?: [...string]
+	User?: string
+	Cmd?: [...string]
+	...
+}
+
+// Download a container image from a remote repository
+#Pull: {
+	_type: "Pull"
+
+	// Repository source ref
+	source: #Ref
+
+	// Authentication
+	auth: [...{
+		target:   string
+		username: string
+		secret:   string | #Secret
+	}]
+
+	// Root filesystem of downloaded image
+	output: #FS
+
+	// Image digest
+	digest: string
+
+	// Downloaded container image config
+	config: #ImageConfig
+}

stdlib/europa/dagger/engine/plan.cue

@@ -0,0 +1,41 @@
+package engine
+
+// A deployment plan executed by `dagger up`
+#Plan: {
+	context: #Context
+	actions: [string]: _
+}
+
+// FIXME: Platform spec here
+#Platform: string
+
+#Context: {
+	// Platform to target
+	platform?: #Platform
+
+	// Import directories
+	imports: [string]: {
+		_type: "Import"
+
+		path: string
+		include?: [...string]
+		exclude?: [...string]
+		fs: #FS
+	}
+
+	// Securely load external secrets
+	secrets: [string]: {
+		// Secrets can be securely mounted into action containers as a file
+		contents: #Secret
+
+		{
+			_type: "SecretFile"
+			// Read secret from a file
+			path: string
+		} | {
+			_type: "SecretEnv"
+			// Read secret from an environment variable ON THE CLIENT MACHINE
+			envvar: string
+		}
+	}
+}

stdlib/europa/dagger/engine/spec/engine/exec.cue

@@ -0,0 +1,64 @@
+package engine
+
+// Execute a command in a container
+#Exec: {
+	_exec: {}
+
+	// Container filesystem
+	input: #FS
+
+	// Mounts
+	mounts: [...#Mount]
+
+	// Command to execute
+	args: [...string] | string
+
+	// Environment variables
+	environ: [...string]
+
+	// Working directory
+	workdir?: string
+
+	// Optionally attach to command standard input stream
+	stdin?: #Stream
+
+	// Optionally attach to command standard output stream
+	stdout?: #Stream
+
+	// Optionally attach to command standard error stream
+	stderr?: #Stream
+
+	// Modified filesystem
+	output: #FS
+
+	// Command exit code
+	exit: int
+}
+
+// A transient filesystem mount.
+#Mount: {
+	dest: string
+	{
+		contents: #CacheDir | #TempDir | #Service
+	} | {
+		contents: #FS
+		source:   string | *"/"
+		ro:       true | *false
+	} | {
+		contents: #Secret
+		uid:      uint32 | *0
+		gid:      uint32 | *0
+		optional: true | *false
+	}
+}
+
+// A (best effort) persistent cache dir
+#CacheDir: {
+	id:          string
+	concurrency: *"shared" | "private" | "locked"
+}
+
+// A temporary directory for command execution
+#TempDir: {
+	size?: int64
+}

stdlib/europa/dagger/engine/spec/engine/fs.cue

@@ -0,0 +1,56 @@
+package engine
+
+// A filesystem state
+#FS: {
+	_fs: ID: string
+}
+
+// Produce an empty directory
+// FIXME: replace with a null value for #FS?
+#Scratch: {
+	_scratch: {}
+
+	output: #FS
+}
+
+#ReadFile: {
+	_readFile: {}
+
+	input:    #FS
+	path:     string
+	contents: string
+	output:   #FS
+}
+
+#WriteFile: {
+	_writeFile: {}
+
+	input:    #FS
+	path:     string
+	contents: string
+	output:   #FS
+}
+
+#Copy: {
+	_copy: {}
+
+	input: #FS
+	#CopyInfo
+	output: #FS
+}
+
+#CopyInfo: {
+	source: {
+		root: #FS
+		path: string | *"/"
+	}
+	dest: string
+}
+
+#Merge: {
+	_merge: {}
+
+	input: #FS
+	layers: [...#CopyInfo]
+	output: #FS
+}

stdlib/europa/dagger/engine/spec/engine/git.cue

@@ -0,0 +1,19 @@
+package engine
+
+// Push a directory to a git remote
+#GitPush: {
+	gitPush: {}
+
+	input:  #FS
+	remote: string
+	ref:    string
+}
+
+// Pull a directory from a git remote
+#GitPull: {
+	gitPull: {}
+
+	remote: string
+	ref:    string
+	output: #FS
+}

stdlib/europa/dagger/engine/spec/engine/image.cue

@@ -0,0 +1,88 @@
+package engine
+
+// Container image config
+// See [OCI](https://www.opencontainers.org)
+#ImageConfig: {
+	env?: [...string]
+	user?: string
+	command?: [...string]
+	// FIXME
+}
+
+// Upload a container image to a remote repository
+#Push: {
+	push: {}
+
+	// Target repository address
+	dest: #Ref
+
+	// Filesystem contents to push
+	input: #FS
+
+	// Container image config
+	config: #ImageConfig
+
+	// Authentication
+	auth: [...{
+		target:   string
+		username: string
+		secret:   string | #Secret
+	}]
+
+	// Complete ref of the pushed image, including digest
+	result: #Ref
+}
+
+// Download a container image from a remote repository
+#Pull: {
+	pull: {}
+
+	// Repository source ref
+	source: #Ref
+	// Authentication
+	auth: [...{
+		target:   string
+		username: string
+		secret:   string | #Secret
+	}]
+
+	// Root filesystem of downloaded image
+	output: #FS
+
+	// Complete ref of downloaded image (including digest)
+	result: #Ref
+
+	// Downloaded container image config
+	config: #ImageConfig
+}
+
+// A ref is an address for a remote container image
+//
+// Examples:
+//   - "index.docker.io/dagger"
+//   - "dagger"
+//   - "index.docker.io/dagger:latest"
+//   - "index.docker.io/dagger:latest@sha256:a89cb097693dd354de598d279c304a1c73ee550fbfff6d9ee515568e0c749cfe"
+#Ref: string
+
+// Build a container image using buildkit
+#Build: {
+	build: {}
+
+	// Source directory to build
+	source: #FS
+	{
+		frontend:   "dockerfile"
+		dockerfile: {
+			path: string | *"Dockerfile"
+		} | {
+			contents: string
+		}
+	}
+
+	// Root filesystem produced by build
+	output: #FS
+
+	// Container image config produced by build
+	config: #ImageConfig
+}

stdlib/europa/dagger/engine/spec/engine/secret.cue

@@ -0,0 +1,6 @@
+package engine
+
+// An external secret
+#Secret: {
+	_secret: ID: string
+}

stdlib/europa/dagger/engine/spec/engine/service.cue

@@ -0,0 +1,6 @@
+package engine
+
+// An external network service
+#Service: {
+	_service: ID: string
+}

stdlib/europa/dagger/engine/spec/engine/stream.cue

@@ -0,0 +1,6 @@
+package engine
+
+// A stream of bytes
+#Stream: {
+	_stream: ID: string
+}

stdlib/europa/dagger/engine/spec/spec.cue

@@ -0,0 +1,2 @@
+// Placeholder package, to keep docs generating tool happy.
+package spec

stdlib/europa/dagger/engine/types.cue

@@ -0,0 +1,29 @@
+package engine
+
+// A reference to a filesystem tree.
+// For example:
+//  - The root filesystem of a container
+//  - A source code repository
+//  - A directory containing binary artifacts
+// Rule of thumb: if it fits in a tar archive, it fits in a #FS.
+#FS: {
+	_fs: id: string
+}
+
+// A reference to an external secret, for example:
+//  - A password
+//  - A SSH private key
+//  - An API token
+// Secrets are never merged in the Cue tree. They can only be used
+// by a special filesystem mount designed to minimize leak risk.
+#Secret: {
+	_secret: id: string
+}
+
+// A reference to a network service endpoint, for example:
+//  - A TCP or UDP port
+//  - A unix or npipe socket
+//  - An HTTPS endpoint
+#Service: {
+	_service: id: string
+}