This repository has been archived on 2024-04-08. You can view files and clone it, but cannot push or open issues or pull requests.
dagger/pkg/universe.dagger.io/aws/test/config_file.cue
Richard Jones 2b3f6e832e
Implemented universe/aws and universe/aws/cli
Signed-off-by: Richard Jones <richard@dagger.io>
2022-02-23 14:36:27 -07:00

52 lines
1.0 KiB
CUE

package test
import (
"encoding/json"
"dagger.io/dagger"
"universe.dagger.io/aws"
)
dagger.#Plan & {
inputs: {
directories: awsConfig: {
path: "./"
include: ["config"]
}
secrets: sops: command: {
name: "sops"
args: ["-d", "--extract", "[\"AWS\"]", "../../secrets_sops.yaml"]
}
}
actions: {
sopsSecrets: dagger.#DecodeSecret & {
format: "yaml"
input: inputs.secrets.sops.contents
}
getCallerIdentity: aws.#Container & {
always: true
configFile: inputs.directories.awsConfig.contents
credentials: aws.#Credentials & {
accessKeyId: sopsSecrets.output.AWS_ACCESS_KEY_ID.contents
secretAccessKey: sopsSecrets.output.AWS_SECRET_ACCESS_KEY.contents
}
command: {
name: "sh"
flags: "-c": "aws --profile ci sts get-caller-identity > /output.txt"
}
export: files: "/output.txt": _
}
verify: json.Unmarshal(getCallerIdentity.export.files."/output.txt") & {
UserId: string
Account: =~"^12[0-9]{8}86$"
Arn: =~"^arn:aws:sts::(12[0-9]{8}86):assumed-role/dagger-ci"
}
}
}