4e04bf9d22
Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
50 lines
1003 B
CUE
50 lines
1003 B
CUE
package main
|
|
|
|
import (
|
|
"dagger.io/dagger/engine"
|
|
)
|
|
|
|
engine.#Plan & {
|
|
inputs: secrets: testSecret: envvar: "TESTSECRET"
|
|
actions: {
|
|
image: engine.#Pull & {
|
|
source: "alpine:3.15.0@sha256:e7d88de73db3d3fd9b2d63aa7f447a10fd0220b7cbf39803c803f2af9ba256b3"
|
|
}
|
|
|
|
verify: engine.#Exec & {
|
|
input: image.output
|
|
mounts: secret: {
|
|
dest: "/run/secrets/test"
|
|
contents: inputs.secrets.testSecret.contents
|
|
}
|
|
args: [
|
|
"sh", "-c",
|
|
#"""
|
|
test "$(cat /run/secrets/test)" = "hello world"
|
|
ls -l /run/secrets/test | grep -- "-r--------"
|
|
"""#,
|
|
]
|
|
}
|
|
|
|
verifyPerm: engine.#Exec & {
|
|
input: image.output
|
|
mounts: secret: {
|
|
dest: "/run/secrets/test"
|
|
contents: inputs.secrets.testSecret.contents
|
|
uid: 42
|
|
gid: 24
|
|
mask: 0o666
|
|
}
|
|
args: [
|
|
"sh", "-c",
|
|
#"""
|
|
ls -l /run/secrets/test | grep -- "-rw-rw-rw-"
|
|
ls -l /run/secrets/test | grep -- "42"
|
|
ls -l /run/secrets/test | grep -- "24"
|
|
"""#,
|
|
]
|
|
}
|
|
|
|
}
|
|
}
|