From eabf1b52e5d78d3020f49a8d974d697a6f322786 Mon Sep 17 00:00:00 2001 From: Tom Chauveau Date: Tue, 31 Aug 2021 13:05:36 +0200 Subject: [PATCH] Update docker push tests Signed-off-by: Tom Chauveau --- environment/pipeline.go | 2 +- solver/secretsprovider.go | 1 - stdlib/.dagger/env/docker-pull/values.yaml | 6 ++-- .../env/docker-push-invalid-creds/values.yaml | 6 ++-- .../docker/tests/push-invalid-creds/push.cue | 5 +-- .../docker/tests/push-multi-registry/push.cue | 34 ++----------------- stdlib/docker/tests/push/push.cue | 34 ++----------------- 7 files changed, 16 insertions(+), 72 deletions(-) diff --git a/environment/pipeline.go b/environment/pipeline.go index fab37512..8b912ddd 100644 --- a/environment/pipeline.go +++ b/environment/pipeline.go @@ -655,7 +655,7 @@ func (p *Pipeline) DockerLogin(ctx context.Context, op *compiler.Value, st llb.S // FIXME If we could create secret directly in `cue`, we could clean up // that condition // But currently it's not possible because ECR secret's is a string - // so we need to handle both option (string & secrets) + // so we need to handle both options (string & secret) secretValue, err := op.Lookup("secret").String() if err != nil { // Retrieve secret diff --git a/solver/secretsprovider.go b/solver/secretsprovider.go index f36a159d..a5199815 100644 --- a/solver/secretsprovider.go +++ b/solver/secretsprovider.go @@ -23,7 +23,6 @@ func NewSecretsStoreProvider(st *state.State) SecretsStore { Secrets: secretsprovider.NewSecretProvider(store), Store: store, } - } type inputStore struct { diff --git a/stdlib/.dagger/env/docker-pull/values.yaml b/stdlib/.dagger/env/docker-pull/values.yaml index 5e7205d8..75138a21 100644 --- a/stdlib/.dagger/env/docker-pull/values.yaml +++ b/stdlib/.dagger/env/docker-pull/values.yaml @@ -3,7 +3,7 @@ plan: name: docker-pull inputs: ref: - text: docker.io/daggerio/ci-test:xtyzsocvpici@sha256:35fc94d52b4fa53c2caa38ff11e13182e6f88c651eb0846728d1007d931f0d3c + text: docker.io/daggerio/ci-test:pncdyzkdemof@sha256:b92cbbfef6b952befc38812cd88cf5c4c1012f6df2891595c226f56cc053334e sops: kms: [] gcp_kms: [] @@ -19,8 +19,8 @@ sops: SG1raUVNTzZIWDltV1pOS3hySHlJeWcKg3blmstOGcxtPww513+mAEA0MWOXwNAT 5ngRvG6MraW3g9dhIuUYOwjuJyz1Z07/DBEocSxnjSyw45ZCkM1/9Q== -----END AGE ENCRYPTED FILE----- - lastmodified: "2021-07-08T09:53:37Z" - mac: ENC[AES256_GCM,data:kcONOT/cxu39rCrWtMEwHnSZU0o752WyrLMckPp4AGhkQ0CVb7vnnNQ0lLSzsUQfvf0Ze09kFZYuhlGqZ6EPCJvOw0girrdBi09hU2a7Nm8CZd/ku9gP08YsGV3yx0PgIYFuVQRJ60hwQEIZI5neEGV9x2FPUedy9lYbKvvboSE=,iv:ofZ605QYbEbtWNgGxNkp1QbK/VHtwchpFs4GxBU9rIg=,tag:Mo+0nfe2GaJcXpIOCl/cew==,type:str] + lastmodified: "2021-08-31T10:10:02Z" + mac: ENC[AES256_GCM,data:30qNlAVLJunPEboTzeIxcsZ06LcLiDiXXJLVqHE328hcezcOYGsvhlYTiGEzxtAsv78Mwxw54oSbiFZmCKoew9bTZFUyb6FcFVk4GG8z2I8pn7FkZlcnEknWinVf9Tc/h5R/g4/BBGzsBf2dr4fx4ADewwO2z1Df/8wdup0PD4E=,iv:KJcMdpLCfSU1LvvPMXitSPzm0JPwrDWdLncdvVFngNk=,tag:X2/D+RhEnyizZHXJWYnmmg==,type:str] pgp: [] encrypted_suffix: secret version: 3.7.1 diff --git a/stdlib/.dagger/env/docker-push-invalid-creds/values.yaml b/stdlib/.dagger/env/docker-push-invalid-creds/values.yaml index 7784def0..d8df2319 100644 --- a/stdlib/.dagger/env/docker-push-invalid-creds/values.yaml +++ b/stdlib/.dagger/env/docker-push-invalid-creds/values.yaml @@ -3,7 +3,7 @@ plan: name: docker-push-invalid-creds inputs: TestRegistry.secret: - text: ENC[AES256_GCM,data:PckymCtA/Q==,iv:to7XhUUcZrWDga7uT4C067BRzHEzmTPDUNAEb2TpS/I=,tag:jUTk8uGd185hmIvi/IHpww==,type:str] + secret: ENC[AES256_GCM,data:+gCg3g==,iv:TVQBLFvC1T+xNSJdmhEz+0cciIpCbo6D+twwghUU0ik=,tag:R7SoByjnyj6Aupw1/6c+8w==,type:str] TestRegistry.username: text: invalid sops: @@ -21,8 +21,8 @@ sops: VC8wSTZvUE5UaDg2WE1CaGMzR3M1TEkK9v83AVI4lvFgjKCg8UmQrcxarlESWTfV 2cDdWgoH7ZqgXo5jFv2tn8qQWHKl8eTTeYUWn8GoNVPKrCroax2fiQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2021-07-08T09:53:54Z" - mac: ENC[AES256_GCM,data:hnVsqFM81iSA/VFPbwqtqw3jOB7H2+67VuXmKfU5fEf15D5WGLZi17HCfRJQ+Db8d0S8ICwFlzqemq+99GB0wf0QVGeOBfrLZ+/AW6Yhd7klhZZxtngXos0lcZreBWduiLkctS2lbx0aiRDBUrsKFcJmu0O9JbMkwC7Hj+nncBk=,iv:2PDO6MTSszlVwmEkAI5lI9cBoJW8JdL3Q+i+sQgtFAk=,tag:nW2OLjAhSot7VyolrXbV5Q==,type:str] + lastmodified: "2021-08-31T10:07:27Z" + mac: ENC[AES256_GCM,data:sdycrW51n0tHL76DroLAUR33Fis5Hixn6dQ7LofNoIcdAj334MTWIf0jxnbzrv4Dkm/MsU90asiGwQyHI56t8mBUqrLJmd8PBE/t6S4RghCAIlM3mcHB4iHsC8Sib2URn3wKztcIuobfU8e9IvZoW4X8R/QWc1jWNmIt8VGdwfw=,iv:g7ri14SRxhsd1SSibYzDig6mZRG7LJ+R6CPDNmNOAfI=,tag:wM1DVa3LL9zFcHKAJJjugg==,type:str] pgp: [] encrypted_suffix: secret version: 3.7.1 diff --git a/stdlib/docker/tests/push-invalid-creds/push.cue b/stdlib/docker/tests/push-invalid-creds/push.cue index 1c5ab6c0..eab359d2 100644 --- a/stdlib/docker/tests/push-invalid-creds/push.cue +++ b/stdlib/docker/tests/push-invalid-creds/push.cue @@ -1,12 +1,13 @@ package docker import ( + "alpha.dagger.io/dagger" "alpha.dagger.io/random" ) TestRegistry: { - username: string @dagger(input) - secret: string @dagger(input) + username: dagger.#Input & {string} + secret: dagger.#Input & {dagger.#Secret} } TestPush: { diff --git a/stdlib/docker/tests/push-multi-registry/push.cue b/stdlib/docker/tests/push-multi-registry/push.cue index 7b0891c5..53c14707 100644 --- a/stdlib/docker/tests/push-multi-registry/push.cue +++ b/stdlib/docker/tests/push-multi-registry/push.cue @@ -4,9 +4,7 @@ import ( "alpha.dagger.io/aws" "alpha.dagger.io/aws/ecr" "alpha.dagger.io/dagger" - "alpha.dagger.io/dagger/op" "alpha.dagger.io/random" - "alpha.dagger.io/alpine" ) // @@ -48,36 +46,10 @@ TestRemoteAWS: { } } -#TestGetSecret: { - secret: dagger.#Artifact - - out: { - string - - #up: [ - op.#Load & {from: alpine.#Image}, - - op.#Exec & { - always: true - args: ["sh", "-c", "cp /input/secret /secret"] - mount: "/input/secret": "secret": secret - }, - - op.#Export & { - source: "/secret" - }, - ] - } -} - TestRemoteDocker: { dockerConfig: { - username: string & dagger.#Input - secret: dagger.#Secret & dagger.#Input - } - - secret: #TestGetSecret & { - secret: dockerConfig.secret + username: dagger.#Input & {string} + secret: dagger.#Input & {dagger.#Secret} } target: "daggerio/ci-test:test-docker-\(TestResources.suffix.out)" @@ -87,7 +59,7 @@ TestRemoteDocker: { source: TestResources.image auth: { username: dockerConfig.username - "secret": secret.out + secret: dockerConfig.secret } } } diff --git a/stdlib/docker/tests/push/push.cue b/stdlib/docker/tests/push/push.cue index 83d7da71..7cd6d916 100644 --- a/stdlib/docker/tests/push/push.cue +++ b/stdlib/docker/tests/push/push.cue @@ -1,37 +1,13 @@ package docker import ( - "alpha.dagger.io/dagger/op" "alpha.dagger.io/dagger" - "alpha.dagger.io/alpine" "alpha.dagger.io/random" ) TestRegistry: { - username: string @dagger(input) - secret: dagger.#Secret @dagger(input) -} - -#TestGetSecret: { - secret: dagger.#Artifact - - out: { - string - - #up: [ - op.#Load & {from: alpine.#Image}, - - op.#Exec & { - always: true - args: ["sh", "-c", "cp /input/secret /secret"] - mount: "/input/secret": "secret": secret - }, - - op.#Export & { - source: "/secret" - }, - ] - } + username: dagger.#Input & {string} + secret: dagger.#Input & {dagger.#Secret} } TestPush: { @@ -41,10 +17,6 @@ TestPush: { target: "daggerio/ci-test:\(tag.out)" - secret: #TestGetSecret & { - secret: TestRegistry.secret - } - image: #ImageFromDockerfile & { dockerfile: """ FROM alpine @@ -58,7 +30,7 @@ TestPush: { source: image auth: { username: TestRegistry.username - "secret": secret.out + secret: TestRegistry.secret } } }