From f8760213bd6f0214c5e0b03f2e01a6d1cc3013b3 Mon Sep 17 00:00:00 2001 From: Tom Chauveau Date: Thu, 20 May 2021 19:25:44 +0200 Subject: [PATCH] Add #Run definition in docker stdlib package. Signed-off-by: Tom Chauveau --- stdlib/docker/docker.cue | 100 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 99 insertions(+), 1 deletion(-) diff --git a/stdlib/docker/docker.cue b/stdlib/docker/docker.cue index eb99429b..7b7833f0 100644 --- a/stdlib/docker/docker.cue +++ b/stdlib/docker/docker.cue @@ -41,7 +41,105 @@ import ( ] } -// FIXME: #Run +#Run: { + // Remote host + host: string + + // Remote user + user: *"root" | string + + // Ssh remote port + port: *22 | int + + // Ssh private key + key: dagger.#Artifact + + // Ssh passphrase + passphrase?: string + + // Image reference (e.g: nginx:alpine) + ref: string + + // Container name + name?: string + + // Image registry + registry?: { + username: string + secret: dagger.#Secret + } + + #code: #""" + # Add host to known hosts + ssh -i /key -o "UserKnownHostsFile $HOME/.ssh/known_hosts" -o "StrictHostKeyChecking accept-new" -p \#(port) \#(user)@\#(host) /bin/true &> /dev/null + + # Start ssh-agent + eval $(ssh-agent) &> /dev/null + + # Add key + ssh-add /key &> /dev/null + + # Run detach container + OPTS="" + + if [ ! -z $CONTAINER_NAME ]; then + OPTS="$OPTS --name $CONTAINER_NAME" + fi + + docker container run -d $OPTS \#(ref) + """# + + #up: [ + op.#FetchContainer & {ref: "index.docker.io/docker:latest"}, + + op.#WriteFile & { + content: key + dest: "/key" + mode: 0o600 + }, + + if registry != _|_ { + op.#DockerLogin & {registry} + }, + + if passphrase != _|_ { + op.#WriteFile & { + content: #""" + #!/bin/sh + echo '\#(passphrase)' + """# + dest: "/passphrase" + } + }, + + op.#WriteFile & { + content: #code + dest: "/entrypoint.sh" + }, + + op.#Exec & { + always: true + args: [ + "/bin/sh", + "--noprofile", + "--norc", + "-eo", + "pipefail", + "/entrypoint.sh", + ] + env: { + DOCKER_HOST: "ssh://\(user)@\(host):\(port)" + if passphrase != _|_ { + SSH_ASKPASS: "/passphrase" + DISPLAY: "" + } + if name != _|_ { + CONTAINER_NAME: name + } + } + }, + ] +} // Build a Docker image from the provided Dockerfile contents // FIXME: incorporate into #Build