Commit Graph

34 Commits

Author SHA1 Message Date
Andrea Luzzardi
c881bc2dba plancontext: use helpers to determine if CUE value is secret/fs/service
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-12-07 14:16:14 -05:00
Andrea Luzzardi
201ac391b4 check for concreteness in specialized types
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-12-07 14:03:07 -05:00
Andrea Luzzardi
5b7b1cab79 Migrate dagger.#Secret and dagger.#Stream to new format
- Refactored to keep every transformation of built-in types (e.g. FS,
  Secret, etc) to/from CUE in the same place (plancontext)
- dagger.#Service and dagger.#Secret are now following the new FS-like format
  (e.g. `_service: id: string`)
- Backward compatibility
- dagger.#Stream is now an alias for dagger.#Service

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-12-01 17:33:35 -08:00
Andrea Luzzardi
0aea10d23e dagger.#FS support
- Implement dagger.#FS support
- Migrate `context.imports` to dagger.#FS
- Backward compat: dagger.#FS can be passed in lieu of a
  dagger.#Artifact
- For instance, an import (`dagger.#FS`) can be passed to the current
  `yarn.#Package` implementation

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-11-30 12:58:50 -08:00
Andrea Luzzardi
81ec746d2c core: component -> task
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-11-24 16:58:24 -08:00
Andrea Luzzardi
608f254449 runtime: support legacy Pipelines in new execution engine
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-11-24 16:51:52 -08:00
Andrea Luzzardi
a61e8dcb62 prepare the transition to #Plan.context
This change helps the transition between `dagger input` and `#Plan.context`.

In summary, the codebase now relies on a *context* for execution with mapping to *IDs*.
In the future, *context* will come from a `#Plan.context`.
In the meantime, a bridge converts `dagger input` to a plan context. This allows both *old* and *new* style configurations to co-exist with the same underlying engine.

- Implement `plancontext`. Context holds the execution context for a plan. Currently this includes the platform, local directories, secrets and services (e.g. unix/npipe).
- Contextual data can be registered at any point. In the future, this will be done by `#Plan.context`
- Migrated the `dagger input` codebase to register inputs in a `plancontext`
- Migrated low-level types/operations to the *Context ID* pattern.
  - `dagger.#Stream` now only includes an `id` (instead of `unix` path)
  - `dagger.#Secret` still includes only an ID, but now it's based off `plancontext`
  - `op.#Local` now only includes an `id` (instead of `path`, `include`, `exclude`.

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-11-19 11:29:38 -08:00
Sam Alba
e6de59a340 added support for stream type npipe (Windows named pipe)
Signed-off-by: Sam Alba <samalba@users.noreply.github.com>
2021-11-08 17:16:38 -08:00
Tom Chauveau
a63c4e989a
Change "arch" into "platform" because it's more accurate.
Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-11-05 16:21:21 +01:00
Tom Chauveau
59f67f9cb5
Fix export architecture configuration to resolves #1087
Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-11-02 12:59:51 +01:00
Tom Chauveau
caa03a37cc
Update dagger engine to uses a given architecture instead of default one.
Check #1071 for more details

Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-10-22 21:02:12 +02:00
Andrea Luzzardi
e37f8c5e53 pipeline: analysis: ignore CUE errors
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-10-20 14:37:31 -07:00
Andrea Luzzardi
6c48f8b7a9 pipeline: more explicit non-executable errors
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-10-20 12:27:58 -07:00
Andrea Luzzardi
e5c571b8a9 op.#SaveImage: fix data race
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-10-12 16:05:43 -07:00
Andrea Luzzardi
50d55a8885 op.#SaveImage: export the image ID
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-10-12 15:39:04 -07:00
Andrea Luzzardi
5a1d4bff62 Support loading artifacts into a Docker Engine
This adds support to loading artifacts (e.g. docker.#Build,
os.#Container, ...) into any arbitrary docker engine (through a
dagger.#Stream for UNIX sockets or SSH for a remote engine)

Implementation:
- Add op.#SaveImage which serializes an artifact into an arbitrary path
  (docker tarball format)
- Add docker.#Load which uses op.#SaveImage to serialize to disk and
  executes `docker load` to load it back

Caveats: Because we're doing this in userspace rather than letting
dagger itself load the image, the performance is pretty bad.

The buildkit API is meant for streaming (get a stream of a docker image
pipe it into docker load). Because of userspace, we have to load the
entire docker image into memory, then serialize it in a single WriteFile
LLB operation.

Example:

```cue
package main

import (
	"alpha.dagger.io/dagger"
	"alpha.dagger.io/docker"
)

source: dagger.#Input & dagger.#Artifact

dockersocket: dagger.#Input & dagger.#Stream

build: docker.#Build & {
	"source": source
}

load: docker.#Load & {
	source: build
	tag:    "testimage"
	socket: dockersocket
}
```

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-10-12 14:16:01 -07:00
Andrea Luzzardi
dd1bf18ec2 logger: TTY logs support (live update)
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-10-05 15:38:34 -07:00
Kevin Poirot
51f96172bd Add #Secret type to Docker #Build args
Signed-off-by: Kevin Poirot <kevin@vazee.fr>
2021-09-23 11:13:59 +02:00
Andrea Luzzardi
0f4a55a482 socket -> stream
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-09-17 15:19:15 -07:00
Andrea Luzzardi
5480fb991d dagger.#Socket support
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-09-17 11:53:09 -07:00
Tom Chauveau
cf13257b10
Improve SecretStore integration with new method
Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-09-01 21:46:56 +02:00
Tom Chauveau
eabf1b52e5
Update docker push tests
Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-08-31 14:44:06 +02:00
Tom Chauveau
a9fd97d7fe
Handle secrets in DockerLogin operation
Before, secret was a plain text string, but it could lead to security issue
so we are now handling secrets as `dagger.#Secret` or string.
I've add a new struct SecretStore that expose the inputStore to easily
retrieve secret value.

Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-08-31 13:04:16 +02:00
Guillaume de Rouville
08f395b70d Add auth to Git.#Repository
Signed-off-by: Guillaume de Rouville <guillaume.derouville@gmail.com>
2021-08-27 15:58:55 +02:00
Tom Chauveau
d7194f161d Add secret management to op.#FetchGit operation to fetch private repository
- Update `op.cue` to support secrets
- Update `pipeline.go` to use authTokenSecret & authHeaderSecret

Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-08-27 14:41:31 +02:00
Guillaume de Rouville
9f90aca2b7 op.#Exec hack: improve performance by 100x on big configs
Signed-off-by: Guillaume de Rouville <guillaume.derouville@gmail.com>
2021-07-29 16:37:47 +02:00
Edgar Lee
0501ae91a5 Adds support for op.#FetchHTTP
Signed-off-by: Edgar Lee <edgarhinshunlee@gmail.com>
2021-07-06 14:37:52 -07:00
Sam Alba
efed4f73ea input/dir: ignore .dagger/ directory by default
Signed-off-by: Sam Alba <sam.alba@gmail.com>
2021-06-21 11:37:48 +02:00
Sam Alba
7d9ff46ebd revert input dir management to llb.Copy to fix cache for yarn source pkg
Signed-off-by: Sam Alba <sam.alba@gmail.com>
2021-06-20 08:32:37 +02:00
Sam Alba
09617b89da core: replaced persistent cache mounts with directory
Signed-off-by: Sam Alba <sam.alba@gmail.com>
2021-06-09 15:22:06 +02:00
Andrea Luzzardi
c95b5d2bae docs: deploy using dagger
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-06-02 15:45:51 -07:00
Andrea Luzzardi
b627b4bc88 add support for excludes in input dir
This adds support for `--include` and `--exclude` for directory inputs.

For instance, this is what you would want to use when passing dagger
repository as an input:

```
inputs:
    repository:
        dir:
            path: .
            exclude:
                - '**/node_modules'
                - cmd/dagger/dagger
                - cmd/dagger/dagger-debug
```

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-05-28 16:22:32 -07:00
Andrea Luzzardi
9c0e2d1d95 buildkit secrets support
- Secrets are never exposed in plaintext in the Cue tree. `dagger query`
  won't dump secrets anymore, Cue errors won't contain them either.
- BuildKit-native secrets support through a new `mount` type. This
  ensures secrets will never be part of containerd layers, buildkit
  cache and generally speaking will never be saved to disk in plaintext.
- Updated netlify as an example
- Added tests
- Changed the Cue definition of a secret to:

```
	@dagger(secret)

	id: string
}
```

This is to ensure both that setting the wrong input type on a secret
(e.g. `dagger input text`) will fail, and attempting to misuse the
secret (e.g. interpolating, passing as an env variable, etc) will also
fail properly.

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-05-27 19:14:08 -07:00
Andrea Luzzardi
af776b8abe cleanup: move packages to top level, change vanity URL
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-05-25 16:54:00 -07:00