Commit Graph

25 Commits

Author SHA1 Message Date
Joel Longtine
6e28c0505f Force another solve, so that the LLB created by the
dockerfile.v0 frontend actually runs, as we expect it to.

Also, enforce Evaluate: true on SolveRequests that run through the Solver

Signed-off-by: Joel Longtine <joel@dagger.io>
2022-01-06 15:34:19 -07:00
Andrea Luzzardi
2164875737 solver: return digest when resolving images
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-12-09 14:16:39 -05:00
Andrea Luzzardi
5b7b1cab79 Migrate dagger.#Secret and dagger.#Stream to new format
- Refactored to keep every transformation of built-in types (e.g. FS,
  Secret, etc) to/from CUE in the same place (plancontext)
- dagger.#Service and dagger.#Secret are now following the new FS-like format
  (e.g. `_service: id: string`)
- Backward compatibility
- dagger.#Stream is now an alias for dagger.#Service

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-12-01 17:33:35 -08:00
Andrea Luzzardi
a61e8dcb62 prepare the transition to #Plan.context
This change helps the transition between `dagger input` and `#Plan.context`.

In summary, the codebase now relies on a *context* for execution with mapping to *IDs*.
In the future, *context* will come from a `#Plan.context`.
In the meantime, a bridge converts `dagger input` to a plan context. This allows both *old* and *new* style configurations to co-exist with the same underlying engine.

- Implement `plancontext`. Context holds the execution context for a plan. Currently this includes the platform, local directories, secrets and services (e.g. unix/npipe).
- Contextual data can be registered at any point. In the future, this will be done by `#Plan.context`
- Migrated the `dagger input` codebase to register inputs in a `plancontext`
- Migrated low-level types/operations to the *Context ID* pattern.
  - `dagger.#Stream` now only includes an `id` (instead of `unix` path)
  - `dagger.#Secret` still includes only an ID, but now it's based off `plancontext`
  - `op.#Local` now only includes an `id` (instead of `path`, `include`, `exclude`.

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-11-19 11:29:38 -08:00
Sam Alba
e4f2f69353 solver: fixed npipe support on Windows
Signed-off-by: Sam Alba <samalba@users.noreply.github.com>
2021-11-10 17:25:02 -08:00
Andrea Luzzardi
51ae44765c fix windows build
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-11-09 12:14:02 -08:00
Sam Alba
d46a347781 solver: split platform specific code
Signed-off-by: Sam Alba <samalba@users.noreply.github.com>
2021-11-08 17:51:40 -08:00
Sam Alba
e6de59a340 added support for stream type npipe (Windows named pipe)
Signed-off-by: Sam Alba <samalba@users.noreply.github.com>
2021-11-08 17:16:38 -08:00
Tom Chauveau
a63c4e989a
Change "arch" into "platform" because it's more accurate.
Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-11-05 16:21:21 +01:00
Tom Chauveau
59f67f9cb5
Fix export architecture configuration to resolves #1087
Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-11-02 12:59:51 +01:00
Tom Chauveau
caa03a37cc
Update dagger engine to uses a given architecture instead of default one.
Check #1071 for more details

Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-10-22 21:02:12 +02:00
Andrea Luzzardi
5480fb991d dagger.#Socket support
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-09-17 11:53:09 -07:00
Richard
0666d6f55a added hash of the secret key+value to invalidate buildkit cache when value changes
Signed-off-by: Richard <richard@dagger.io>
2021-09-16 09:23:50 -06:00
Tom Chauveau
cf13257b10
Improve SecretStore integration with new method
Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-09-01 21:46:56 +02:00
Tom Chauveau
eabf1b52e5
Update docker push tests
Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-08-31 14:44:06 +02:00
Tom Chauveau
a9fd97d7fe
Handle secrets in DockerLogin operation
Before, secret was a plain text string, but it could lead to security issue
so we are now handling secrets as `dagger.#Secret` or string.
I've add a new struct SecretStore that expose the inputStore to easily
retrieve secret value.

Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-08-31 13:04:16 +02:00
Tom Chauveau
3f0350359e
Improve solver channel management according to @aluzzardi comments
Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-08-23 17:22:01 +02:00
Tom Chauveau
95468ce2b3
Solve sub build miss synchronous behavior
Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-08-23 15:33:16 +02:00
Tom Chauveau
2f710b0ce4 Fix login miss behavior and update op
Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-07-01 14:08:49 +02:00
Tom Chauveau
58a67cf86b Improve parseAuthHost function to work for all ref
Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-06-30 19:07:12 +02:00
Tom Chauveau
5468f60e39 Normalize reference to login on registry
Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-06-30 16:58:04 +02:00
Tom Chauveau
7d1bbcc416 Fix docker hub login error when using image ref as target
Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu>
2021-06-30 16:58:04 +02:00
Andrea Luzzardi
ac34df319a docker socket forwarding support
- This PR adds a new mount type: `docker.sock` (in addition to `cache`
  and `tmp`)
- It's then able to mount the LOCAL (as in, from the machine running
  dagger) docker socket inside the container by pretending to be an SSH
  Agent (hijacking the SSH agent forwarding support of buildkit)

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-06-04 16:14:25 -07:00
Andrea Luzzardi
9c0e2d1d95 buildkit secrets support
- Secrets are never exposed in plaintext in the Cue tree. `dagger query`
  won't dump secrets anymore, Cue errors won't contain them either.
- BuildKit-native secrets support through a new `mount` type. This
  ensures secrets will never be part of containerd layers, buildkit
  cache and generally speaking will never be saved to disk in plaintext.
- Updated netlify as an example
- Added tests
- Changed the Cue definition of a secret to:

```
	@dagger(secret)

	id: string
}
```

This is to ensure both that setting the wrong input type on a secret
(e.g. `dagger input text`) will fail, and attempting to misuse the
secret (e.g. interpolating, passing as an env variable, etc) will also
fail properly.

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-05-27 19:14:08 -07:00
Andrea Luzzardi
af776b8abe cleanup: move packages to top level, change vanity URL
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-05-25 16:54:00 -07:00