Commit Graph

4 Commits

Author SHA1 Message Date
Andrea Luzzardi
9c0e2d1d95 buildkit secrets support
- Secrets are never exposed in plaintext in the Cue tree. `dagger query`
  won't dump secrets anymore, Cue errors won't contain them either.
- BuildKit-native secrets support through a new `mount` type. This
  ensures secrets will never be part of containerd layers, buildkit
  cache and generally speaking will never be saved to disk in plaintext.
- Updated netlify as an example
- Added tests
- Changed the Cue definition of a secret to:

```
	@dagger(secret)

	id: string
}
```

This is to ensure both that setting the wrong input type on a secret
(e.g. `dagger input text`) will fail, and attempting to misuse the
secret (e.g. interpolating, passing as an env variable, etc) will also
fail properly.

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
2021-05-27 19:14:08 -07:00
Solomon Hykes
b526093929 stdlib: simpler and cleaner performance workaround
Signed-off-by: Solomon Hykes <solomon@dagger.io>
2021-05-13 22:36:06 -07:00
Solomon Hykes
98b3951c73 stdlib: os package
Signed-off-by: Solomon Hykes <solomon@dagger.io>
2021-05-11 17:32:50 -07:00
Solomon Hykes
052a623294 stdlib: io for portable I/O interfaces, os for system primitives
Signed-off-by: Solomon Hykes <sh.github.6811@hykes.org>
2021-05-04 11:21:02 -07:00