Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package dagger for openSUSE:Factory checked in at 2022-06-05 00:45:48 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/dagger (Old) and /work/SRC/openSUSE:Factory/.dagger.new.1548 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dagger" Sun Jun 5 00:45:48 2022 rev:11 rq:980802 version:0.2.14 Changes: -------- --- /work/SRC/openSUSE:Factory/dagger/dagger.changes 2022-06-01 17:35:55.626830491 +0200 +++ /work/SRC/openSUSE:Factory/.dagger.new.1548/dagger.changes 2022-06-05 00:45:52.272386402 +0200 @@ -1,0 +2,13 @@ +Sat Jun 04 18:54:41 UTC 2022 - ka...@b1-systems.de + +- Update to version 0.2.14: + * telemetry: Fix flaky run ID + * endpoint: switch from dagger.io to dagger.cloud + * feat(universe): add experimental kustomization (#2531) + * Improve Secrets docs (#2541) + * build(deps): bump gopkg.in/yaml.v3 from 3.0.0 to 3.0.1 (#2534) + * Default user to "root:root" rather than "root". + * build(deps-dev): bump cypress-localstorage-commands in /website + * bugfix: add image.config.workdir support to docker.#Copy + +------------------------------------------------------------------- Old: ---- dagger-0.2.13.tar.gz New: ---- dagger-0.2.14.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dagger.spec ++++++ --- /var/tmp/diff_new_pack.NSi3ml/_old 2022-06-05 00:45:53.092387097 +0200 +++ /var/tmp/diff_new_pack.NSi3ml/_new 2022-06-05 00:45:53.096387100 +0200 @@ -19,7 +19,7 @@ %define __arch_install_post export NO_BRP_STRIP_DEBUG=true Name: dagger -Version: 0.2.13 +Version: 0.2.14 Release: 0 Summary: A portable devkit for CI/CD pipelines License: GPL-3.0-only ++++++ _service ++++++ --- /var/tmp/diff_new_pack.NSi3ml/_old 2022-06-05 00:45:53.128387127 +0200 +++ /var/tmp/diff_new_pack.NSi3ml/_new 2022-06-05 00:45:53.132387130 +0200 @@ -3,7 +3,7 @@ <param name="url">https://github.com/dagger/dagger</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="revision">v0.2.13</param> + <param name="revision">v0.2.14</param> <param name="versionformat">@PARENT_TAG@</param> <param name="changesgenerate">enable</param> <param name="versionrewrite-pattern">v(.*)</param> @@ -16,7 +16,7 @@ <param name="compression">gz</param> </service> <service name="go_modules" mode="disabled"> - <param name="archive">dagger-0.2.13.tar.gz</param> + <param name="archive">dagger-0.2.14.tar.gz</param> </service> </services> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.NSi3ml/_old 2022-06-05 00:45:53.164387158 +0200 +++ /var/tmp/diff_new_pack.NSi3ml/_new 2022-06-05 00:45:53.168387161 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/dagger/dagger</param> - <param name="changesrevision">4ad67d1397f7422d9120a87451d1878e0cb0d9d4</param></service></servicedata> + <param name="changesrevision">ade8ae22f41be7b2c2d1fd53add752b7e0355ac7</param></service></servicedata> (No newline at EOF) ++++++ dagger-0.2.13.tar.gz -> dagger-0.2.14.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/api/auth/auth.go new/dagger-0.2.14/api/auth/auth.go --- old/dagger-0.2.13/api/auth/auth.go 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/api/auth/auth.go 2022-06-02 03:25:16.000000000 +0200 @@ -21,7 +21,7 @@ const ( credentialsFile = "~/.config/dagger/credentials" // #nosec - authDomain = "auth.dagger.io" + authDomain = "auth.dagger.cloud" callbackPort = 38932 ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/cmd/dagger/cmd/apitest.go new/dagger-0.2.14/cmd/dagger/cmd/apitest.go --- old/dagger-0.2.13/cmd/dagger/cmd/apitest.go 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/cmd/dagger/cmd/apitest.go 1970-01-01 01:00:00.000000000 +0100 @@ -1,67 +0,0 @@ -package cmd - -import ( - "fmt" - "io/ioutil" - "net/http" - "net/url" - - "github.com/rs/zerolog/log" - "github.com/spf13/cobra" - "github.com/spf13/viper" - "go.dagger.io/dagger/api" - "go.dagger.io/dagger/cmd/dagger/logger" -) - -// TODO: remove as soon as there is a higher-level integration with the API -var apiTestCmd = &cobra.Command{ - Use: "_api_test", - Hidden: true, - Args: cobra.NoArgs, - PreRun: func(cmd *cobra.Command, args []string) { - // Fix Viper bug for duplicate flags: - // https://github.com/spf13/viper/issues/233 - if err := viper.BindPFlags(cmd.Flags()); err != nil { - panic(err) - } - }, - Run: func(cmd *cobra.Command, args []string) { - lg := logger.New() - ctx := lg.WithContext(cmd.Context()) - - apiURL, err := url.Parse(viper.GetString("url")) - if err != nil { - panic(err) - } - apiURL.Path = "/private" - - log.Ctx(ctx).Info().Msg(fmt.Sprintf("Testing %s", apiURL)) - - c := api.New() - - req, err := http.NewRequestWithContext(ctx, http.MethodGet, apiURL.String(), nil) - if err != nil { - panic(err) - } - - resp, err := c.Do(ctx, req) - if err != nil { - log.Ctx(ctx).Fatal().Err(err).Msg("request failed") - } - defer resp.Body.Close() - - body, err := ioutil.ReadAll(resp.Body) - if err != nil { - panic(err) - } - fmt.Printf("%s\n", body) - }, -} - -func init() { - apiTestCmd.Flags().StringP("url", "u", "http://localhost:8020", "API base URL, e.g. https://api.dagger.io") - - if err := viper.BindPFlags(docCmd.Flags()); err != nil { - panic(err) - } -} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/cmd/dagger/cmd/do.go new/dagger-0.2.14/cmd/dagger/cmd/do.go --- old/dagger-0.2.13/cmd/dagger/cmd/do.go 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/cmd/dagger/cmd/do.go 2022-06-02 03:25:16.000000000 +0200 @@ -19,7 +19,7 @@ "go.dagger.io/dagger/cmd/dagger/logger" "go.dagger.io/dagger/plan" "go.dagger.io/dagger/solver" - "go.dagger.io/dagger/telemetrylite" + "go.dagger.io/dagger/telemetry" "golang.org/x/term" ) @@ -51,12 +51,13 @@ } var ( - tm = telemetrylite.New() + tm = telemetry.New() lg = logger.NewWithCloud(tm) ctx = lg.WithContext(cmd.Context()) tty *logger.TTYOutput ) defer tm.Flush() + ctx = tm.WithContext(ctx) if !viper.GetBool("experimental") { for _, f := range experimentalFlags { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/cmd/dagger/cmd/root.go new/dagger-0.2.14/cmd/dagger/cmd/root.go --- old/dagger-0.2.13/cmd/dagger/cmd/root.go 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/cmd/dagger/cmd/root.go 2022-06-02 03:25:16.000000000 +0200 @@ -52,7 +52,6 @@ project.Cmd, loginCmd, logoutCmd, - apiTestCmd, ) rootCmd.CompletionOptions.HiddenDefaultCmd = true diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/cmd/dagger/logger/cloud.go new/dagger-0.2.14/cmd/dagger/logger/cloud.go --- old/dagger-0.2.13/cmd/dagger/logger/cloud.go 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/cmd/dagger/logger/cloud.go 2022-06-02 03:25:16.000000000 +0200 @@ -5,25 +5,17 @@ "fmt" "runtime" - "github.com/google/uuid" - "go.dagger.io/dagger/engine" - "go.dagger.io/dagger/telemetrylite" + "go.dagger.io/dagger/telemetry" "go.dagger.io/dagger/version" ) type Cloud struct { - client *telemetrylite.TelemetryLite - run string - engine string + tm *telemetry.Telemetry } -func NewCloud(tm *telemetrylite.TelemetryLite) *Cloud { - engineID, _ := engine.ID() - +func NewCloud(tm *telemetry.Telemetry) *Cloud { return &Cloud{ - client: tm, - run: uuid.NewString(), - engine: engineID, + tm: tm, } } @@ -47,12 +39,12 @@ func (c *Cloud) Write(p []byte) (int, error) { event := LogEvent{ - RunID: c.run, + RunID: c.tm.RunID(), + EngineID: c.tm.EngineID(), Arch: runtime.GOARCH, OS: runtime.GOOS, DaggerVersion: version.Version, DaggerRevision: version.Revision, - EngineID: c.engine, } if err := json.Unmarshal(p, &event); err != nil { return 0, fmt.Errorf("cannot unmarshal event: %s", err) @@ -64,6 +56,6 @@ if err != nil { return 0, fmt.Errorf("cannot marshal event: %s", err) } - c.client.Push(jsonData) + c.tm.Write(jsonData) return len(p), nil } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/cmd/dagger/logger/logger.go new/dagger-0.2.14/cmd/dagger/logger/logger.go --- old/dagger-0.2.13/cmd/dagger/logger/logger.go 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/cmd/dagger/logger/logger.go 2022-06-02 03:25:16.000000000 +0200 @@ -14,7 +14,7 @@ "github.com/rs/zerolog" "github.com/spf13/viper" "go.dagger.io/dagger/api/auth" - "go.dagger.io/dagger/telemetrylite" + "go.dagger.io/dagger/telemetry" "golang.org/x/term" ) @@ -39,7 +39,7 @@ return logger.Level(lvl) } -func NewWithCloud(tm *telemetrylite.TelemetryLite) zerolog.Logger { +func NewWithCloud(tm *telemetry.Telemetry) zerolog.Logger { logger := zerolog. New(TeeCloud(tm, os.Stderr)). With(). @@ -62,7 +62,7 @@ return logger.Level(lvl) } -func TeeCloud(tm *telemetrylite.TelemetryLite, w io.Writer) zerolog.LevelWriter { +func TeeCloud(tm *telemetry.Telemetry, w io.Writer) zerolog.LevelWriter { if !auth.HasCredentials() { return zerolog.MultiLevelWriter(w) } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/docs/core-concepts/1204-secrets.md new/dagger-0.2.14/docs/core-concepts/1204-secrets.md --- old/dagger-0.2.13/docs/core-concepts/1204-secrets.md 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/docs/core-concepts/1204-secrets.md 2022-06-02 03:25:16.000000000 +0200 @@ -5,15 +5,23 @@ # How to use secrets +## What are Secrets? + +Secrets support in Dagger allows you to utilize confidential information -- such as passwords, API keys, SSH keys, etc -- when running your Dagger Plans, _without_ exposing those secrets in plaintext logs, writing them into the filesystem of containers you're building, or inserting them into cache. + +Secrets are never merged into the CUE configuration. They are managed by the Dagger runtime, only referenced as opaque identifiers, and can only be used by a special filesystem mount or as an environment variable designed to minimize leak risk. + +## Getting or Generating Secrets + +### Client operations + Most operations in `client` support handling secrets (see [Interacting with the client](./1203-client.md)). More specifically, you can: -- Write a secret to a file; -- Read a secret from a file; -- Read a secret from an environment variable; -- Read a secret from the output of a command; -- Use a secret as the input of a command. +- Read a secret from an [environment variable](#read-from-environment); +- Read a secret from a [file](#read-from-file); +- Read a secret from the [output of a command](#sops); -## Environment +### Read from Environment The simplest use case is reading from an environment variable: @@ -23,7 +31,7 @@ } ``` -## File +### Read from File You may need to trim the whitespace, especially when reading from a file: @@ -31,7 +39,7 @@ ``` -## SOPS +### SOPS There???s many ways to store encrypted secrets in your git repository. If you use [SOPS](https://github.com/mozilla/sops), here's a simple example where you can access keys from an encrypted yaml file: @@ -43,3 +51,152 @@ ```cue file=../tests/core-concepts/secrets/plans/sops.cue title="main.cue" ``` + +### Exported from Filesystem + +In addition, you can export a secret from a filesystem with [`core.#NewSecret`](https://github.com/dagger/dagger/blob/main/pkg/dagger.io/dagger/core/secrets.cue#L22-L33) + +This should be used carefully and sparingly, as the source of these secrets will stay in cache. + +```cue +package main + +import ( + "encoding/yaml" + "dagger.io/dagger" + "dagger.io/dagger/core" +) + +dagger.#Plan & { + actions: test: { + write: core.#WriteFile & { + input: dagger.#Scratch + path: "/secret" + contents: yaml.Marshal({ + FOO: "bar" + ONE: TWO: "twelve" + }) + } + + secret: core.#NewSecret & { + input: write.output + path: "/secret" + } + + decode: core.#DecodeSecret & { + input: secret.output + format: "yaml" + } + } +} +``` + +## Using Secrets + +Secrets can be used in a number of contexts within a Dagger Plan (note: this list is _not exhaustive_): + +### In a `Docker.#Run` + +As a mounted file + +```cue +dagger.#Plan & { + client: env: GITHUB_TOKEN: dagger.#Secret + + actions: { + run: docker.#Run & { + mounts: secret: { + dest: "/run/secrets/token" + contents: client.env.GITHUB_TOKEN + } + // Do something with `/run/secrets/token` + } + } +} +``` + +Or as an environment variable + +```cue +dagger.#Plan & { + client: env: GITHUB_TOKEN: dagger.#Secret + + actions: { + run: docker.#Run & { + env: GITHUB_TOKEN + // Do something with `/run/secrets/token` + } + } +} +``` + +### Passed into an Action that utilizes Secrets + +```cue +import ( + "dagger.io/dagger" + "dagger.io/dagger/core" + + "universe.dagger.io/netlify" +) + +dagger.#Plan & { + client: env: NETLIFY_TOKEN: dagger.#Secret + actions: { + // Configuration common to all tests + data: core.#WriteFile & { + input: dagger.#Scratch + path: "index.html" + contents: "hello world" + } + + // Test: deploy a simple site to Netlify + // Deploy to netlify + deploy: netlify.#Deploy & { + team: "dagger-test" + token: client.env.NETLIFY_TOKEN + site: "dagger-test" + contents: data.output + } + } +} +``` + +```cue +dagger.#Plan & { + client: env: GITHUB_TOKEN: dagger.#Secret + + actions: { + run: docker.#Run & { + mounts: secret: { + dest: "/run/secrets/token" + contents: client.env.GITHUB_TOKEN + } + // Do something with `/run/secrets/token` + } + } +} +``` + +<!-- TODO: Finish this ### Written to a file on the client --> + +## Sharp edges to be aware of + +It is possible use Secrets in ways that can risk leaks. Be aware of the risks of these uses, and avoid them if possible. + +<!-- +TODO: Provide examples of these +- Baking secrets into a container, by copying them into a filesystem or container from a mount or environment variable +--> + +We provide safeguards against printing of Secret values to Dagger logs, but you should generally not log Secrets to the console using `echo`, `cat`, etc. + +## Safe Transformations of Secrets + +### Trim Whitespace + +You may need to trim the whitespace, especially when reading from a file: + +```cue file=../tests/core-concepts/secrets/plans/file.cue + +``` diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/go.mod new/dagger-0.2.14/go.mod --- old/dagger-0.2.13/go.mod 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/go.mod 2022-06-02 03:25:16.000000000 +0200 @@ -48,7 +48,7 @@ golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac golang.org/x/tools v0.1.10 // indirect google.golang.org/grpc v1.46.2 - gopkg.in/yaml.v3 v3.0.0 + gopkg.in/yaml.v3 v3.0.1 ) replace ( diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/go.sum new/dagger-0.2.14/go.sum --- old/dagger-0.2.13/go.sum 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/go.sum 2022-06-02 03:25:16.000000000 +0200 @@ -2315,8 +2315,9 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0 h1:hjy8E9ON/egN1tAYqKb61G10WtihqetD4sz2H+8nIeA= gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/pkg/dagger.io/dagger/core/exec.cue new/dagger-0.2.14/pkg/dagger.io/dagger/core/exec.cue --- old/dagger-0.2.13/pkg/dagger.io/dagger/core/exec.cue 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/pkg/dagger.io/dagger/core/exec.cue 2022-06-02 03:25:16.000000000 +0200 @@ -25,7 +25,7 @@ workdir: string | *"/" // User ID or name - user: string | *"root" + user: string | *"root:root" // If set, always execute even if the operation could be cached always: true | *false @@ -64,7 +64,7 @@ workdir: string | *"/" // User ID or name - user: string | *"root" + user: string | *"root:root" // Inject hostname resolution into the container // key is hostname, value is IP diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/pkg/universe.dagger.io/docker/build.cue new/dagger-0.2.14/pkg/universe.dagger.io/docker/build.cue --- old/dagger-0.2.13/pkg/universe.dagger.io/docker/build.cue 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/pkg/universe.dagger.io/docker/build.cue 2022-06-02 03:25:16.000000000 +0200 @@ -1,6 +1,7 @@ package docker import ( + "path" "dagger.io/dagger" "dagger.io/dagger/core" ) @@ -44,7 +45,7 @@ input: #Image contents: dagger.#FS source: string | *"/" - dest: string | *"/" + dest: string | *"." // Optionally include certain files include: [...string] // Optionally exclude certain files @@ -55,9 +56,26 @@ "input": input.rootfs "contents": contents "source": source - "dest": dest "include": include "exclude": exclude + + // switch to determine core.#Copy dest + // if dest is an absolute path, always use it + // if no workdir, use / as the workdir + // if workdir is set, use it + // default to dest to catch missed logic + "dest": [ + if path.IsAbs(dest, path.Unix) { + dest + }, + if input.config.workdir == _|_ { + path.Join(["/", dest], path.Unix) + }, + if input.config.workdir != _|_ { + path.Join([input.config.workdir, dest], path.Unix) + }, + dest, + ][0] } output: #Image & { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/pkg/universe.dagger.io/docker/run.cue new/dagger-0.2.14/pkg/universe.dagger.io/docker/run.cue --- old/dagger-0.2.13/pkg/universe.dagger.io/docker/run.cue 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/pkg/universe.dagger.io/docker/run.cue 2022-06-02 03:25:16.000000000 +0200 @@ -76,7 +76,7 @@ entrypoint: [] cmd: [] workdir: "/" - user: "root" + user: "root:root" } config: input.config } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/pkg/universe.dagger.io/docker/test/build.cue new/dagger-0.2.14/pkg/universe.dagger.io/docker/test/build.cue --- old/dagger-0.2.13/pkg/universe.dagger.io/docker/test/build.cue 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/pkg/universe.dagger.io/docker/test/build.cue 2022-06-02 03:25:16.000000000 +0200 @@ -88,6 +88,63 @@ } } + // Test: copy respects workdir like a Dockerfile COPY + copyWorkdir: { + testFile: core.#Source & { + path: "./testdata" + include: ["Dockerfile"] + } + + build: docker.#Build & { + steps: [ + alpine.#Build, + docker.#Set & { + config: workdir: "/opt" + }, + docker.#Copy & { + contents: testFile.output + }, + ] + } + + buildNoWorkdir: docker.#Build & { + steps: [ + alpine.#Build, + docker.#Copy & { + contents: testFile.output + }, + ] + } + + buildWithAbsolute: docker.#Build & { + steps: [ + alpine.#Build, + docker.#Set & { + config: workdir: "/opt" + }, + docker.#Copy & { + contents: testFile.output + dest: "/somenewpath" + }, + ] + } + + verify: core.#ReadFile & { + input: build.output.rootfs + path: "/opt/Dockerfile" + } + + verifyNoWorkDir: core.#ReadFile & { + input: buildNoWorkdir.output.rootfs + path: "/Dockerfile" + } + + verifyWithAbsolutePath: core.#ReadFile & { + input: buildWithAbsolute.output.rootfs + path: "/somenewpath/Dockerfile" + } + } + // Test: nested docker.#Build with 3+ levels of depth // FIXME: this test currently fails. nestedDeep: { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/pkg/universe.dagger.io/x/tom.chauveau....@icloud.com/kubernetes/kustomize.cue new/dagger-0.2.14/pkg/universe.dagger.io/x/tom.chauveau....@icloud.com/kubernetes/kustomize.cue --- old/dagger-0.2.13/pkg/universe.dagger.io/x/tom.chauveau....@icloud.com/kubernetes/kustomize.cue 1970-01-01 01:00:00.000000000 +0100 +++ new/dagger-0.2.14/pkg/universe.dagger.io/x/tom.chauveau....@icloud.com/kubernetes/kustomize.cue 2022-06-02 03:25:16.000000000 +0200 @@ -0,0 +1,84 @@ +package kubernetes + +import ( + "dagger.io/dagger" + "dagger.io/dagger/core" + + "universe.dagger.io/docker" +) + +_#kustomizationType: "inline" | "directory" | "url" | "manual" + +// Build manifest from kustomization +#Kustomize: { + // Kubernetes manifests source + source: dagger.#FS + + // Type of kustomization + // - inline: inline kustomization file + // - directory: source already contains kustomization.yaml + // - url: build from GitHub + // - manual: configure execution manually + type: _#kustomizationType + + { + type: "inline" + + // Raw Kustomization + kustomization: string + + _source: core.#WriteFile & { + input: source + path: "/kustomization.yaml" + contents: kustomization + } + + run: mounts: kustomization: { + contents: _source.output + dest: "/source" + } + } | { + type: "directory" + + // Directory that contains kustomization + // It will be merged with source + kustomization: dagger.#FS + + _source: core.#Merge & { + inputs: [source, kustomization] + } + + run: mounts: kustomization: { + type: "fs" + contents: _source.output + dest: "/source" + } + } | { + type: "url" + + source: dagger.#Scratch + + // Url of the kustomization + // E.g., https://github.com/kubernetes-sigs/kustomize.git/examples/helloWorld?ref=v1.0.6 + url: string + + run: command: args: [url] + } | *{ + type: "manual" + } + + _baseImage: #Kubectl + + run: docker.#Run & { + user: "root" + input: *_baseImage.output | docker.#Image + workdir: "/source" + command: { + name: "kustomize" + flags: "-o": "/result.txt" + } + export: files: "/result.txt": string + } + + result: run.export.files."/result.txt" +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/pkg/universe.dagger.io/x/tom.chauveau....@icloud.com/kubernetes/test/kustomization.cue new/dagger-0.2.14/pkg/universe.dagger.io/x/tom.chauveau....@icloud.com/kubernetes/test/kustomization.cue --- old/dagger-0.2.13/pkg/universe.dagger.io/x/tom.chauveau....@icloud.com/kubernetes/test/kustomization.cue 1970-01-01 01:00:00.000000000 +0100 +++ new/dagger-0.2.14/pkg/universe.dagger.io/x/tom.chauveau....@icloud.com/kubernetes/test/kustomization.cue 2022-06-02 03:25:16.000000000 +0200 @@ -0,0 +1,95 @@ +package kubernetes + +import ( + "dagger.io/dagger" + + "universe.dagger.io/x/tom.chauveau....@icloud.com/kubernetes" +) + +dagger.#Plan & { + client: filesystem: "./data/hello-kustomize": read: contents: dagger.#FS + + actions: test: { + _source: client.filesystem."./data/hello-kustomize".read.contents + + // FIXME(TomChv): Depends on https://github.com/bitnami/bitnami-docker-kubectl/pull/43 + // url: kustomization: kubernetes.#Kustomize & { + // type: "url" + // url: "https://github.com/kubernetes-sigs/kustomize.git/examples/helloWorld?ref=v1.0.6" + // } + + inline: kubernetes.#Kustomize & { + type: "inline" + source: _source + kustomization: """ + apiVersion: kustomize.config.k8s.io/v1beta1 + kind: Kustomization + resources: + - service.yaml + namePrefix: inline- + """ + result: """ + apiVersion: v1 + kind: Service + metadata: + labels: + dagger-test: dagger-test + name: inline-dagger-nginx-service + spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 80 + selector: + app: dagger-nginx + type: ClusterIP\n + """ + } + + directory: kubernetes.#Kustomize & { + type: "directory" + source: _source + kustomization: _source + result: """ + apiVersion: v1 + kind: Service + metadata: + labels: + dagger-test: dagger-test + name: kustom-dagger-nginx-service + spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 80 + selector: + app: dagger-nginx + type: ClusterIP + --- + apiVersion: apps/v1 + kind: Deployment + metadata: + labels: + dagger-test: dagger-test + name: kustom-dagger-nginx + spec: + replicas: 3 + selector: + matchLabels: + app: dagger-nginx + template: + metadata: + labels: + app: dagger-nginx + spec: + containers: + - image: nginx:alpine + name: dagger-nginx + ports: + - containerPort: 80\n + """ + } + } +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/telemetry/context.go new/dagger-0.2.14/telemetry/context.go --- old/dagger-0.2.13/telemetry/context.go 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/telemetry/context.go 2022-06-02 03:25:16.000000000 +0200 @@ -8,14 +8,14 @@ func Ctx(ctx context.Context) *Telemetry { // Return the contextual telemetry - if t, ok := ctx.Value(contextKey).(*Telemetry); ok { - return t + if tm, ok := ctx.Value(contextKey).(*Telemetry); ok { + return tm } // If not available, return a brand new *disabled* telemetry - return New(Config{ - Enable: false, - }) + tm := New() + tm.Disable() + return tm } func (t *Telemetry) WithContext(ctx context.Context) context.Context { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/telemetry/telemetry.go new/dagger-0.2.14/telemetry/telemetry.go --- old/dagger-0.2.13/telemetry/telemetry.go 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/telemetry/telemetry.go 2022-06-02 03:25:16.000000000 +0200 @@ -1,32 +1,45 @@ package telemetry import ( + "bytes" "context" "encoding/json" "fmt" + "net/http" + "os" "github.com/google/uuid" + "go.dagger.io/dagger/api" + "go.dagger.io/dagger/api/auth" + "go.dagger.io/dagger/engine" "go.dagger.io/dagger/telemetry/event" ) const queueSize = 2048 -type Config struct { - Enable bool -} - type Telemetry struct { - cfg Config + enable bool + + engineID string + runID string - runID string + client *api.Client + url string queueCh chan []byte doneCh chan struct{} } -func New(cfg Config) *Telemetry { +func New() *Telemetry { + engineID, _ := engine.ID() + t := &Telemetry{ - cfg: cfg, - runID: uuid.NewString(), + enable: auth.HasCredentials(), + + runID: uuid.NewString(), + engineID: engineID, + + client: api.New(), + url: eventsURL(), queueCh: make(chan []byte, queueSize), doneCh: make(chan struct{}), } @@ -34,20 +47,42 @@ return t } +func (t *Telemetry) Disable() { + t.enable = false +} + +func (t *Telemetry) Enable() { + t.enable = true +} + +func (t *Telemetry) EngineID() string { + return t.engineID +} + +func (t *Telemetry) RunID() string { + return t.runID +} + func (t *Telemetry) Push(ctx context.Context, props event.Properties) { e := event.New(props) + e.Engine.ID = t.engineID + e.Run.ID = t.runID + if err := e.Validate(); err != nil { panic(err) } - e.Run.ID = t.runID encoded, err := json.Marshal(e) if err != nil { panic(err) } - if t.cfg.Enable { - t.queueCh <- encoded + t.Write(encoded) +} + +func (t *Telemetry) Write(p []byte) { + if t.enable { + t.queueCh <- p } } @@ -55,16 +90,35 @@ defer close(t.doneCh) for e := range t.queueCh { - // FIXME: send the event - fmt.Println(string(e)) + reqBody := bytes.NewBuffer(e) + req, err := http.NewRequest(http.MethodPost, t.url, reqBody) + fmt.Printf("???? REQUEST: %#v\n", req) + if err != nil { + continue + } + if resp, err := t.client.Do(req.Context(), req); err == nil { + fmt.Printf("???? RESPONSE: %#v\n", resp) + resp.Body.Close() + } else { + // TODO: re-auth does not seem to work as expected + panic(err) + } } } func (t *Telemetry) Flush() { // Stop accepting new events - t.cfg.Enable = false + t.Disable() // Flush events in queue close(t.queueCh) // Wait for completion <-t.doneCh } + +func eventsURL() string { + url := os.Getenv("DAGGER_CLOUD_EVENTS_URL") + if url == "" { + url = "https://api.dagger.cloud/events" + } + return url +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/telemetrylite/telemetrylite.go new/dagger-0.2.14/telemetrylite/telemetrylite.go --- old/dagger-0.2.13/telemetrylite/telemetrylite.go 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/telemetrylite/telemetrylite.go 1970-01-01 01:00:00.000000000 +0100 @@ -1,87 +0,0 @@ -package telemetrylite - -import ( - "bytes" - "fmt" - "net/http" - "os" - - "go.dagger.io/dagger/api" - "go.dagger.io/dagger/api/auth" -) - -const queueSize = 2048 - -type TelemetryLite struct { - enable bool - client *api.Client - url string - - queueCh chan []byte - doneCh chan struct{} -} - -func New() *TelemetryLite { - t := &TelemetryLite{ - enable: auth.HasCredentials(), - client: api.New(), - url: eventsURL(), - queueCh: make(chan []byte, queueSize), - doneCh: make(chan struct{}), - } - go t.send() - return t -} - -func (t *TelemetryLite) Disable() { - t.enable = false -} - -func (t *TelemetryLite) Enable() { - t.enable = true -} - -func (t *TelemetryLite) Started() { -} - -func (t *TelemetryLite) Push(p []byte) { - if t.enable { - t.queueCh <- p - } -} - -func (t *TelemetryLite) send() { - defer close(t.doneCh) - - for e := range t.queueCh { - reqBody := bytes.NewBuffer(e) - req, err := http.NewRequest(http.MethodPost, t.url, reqBody) - fmt.Printf("???? REQUEST: %#v\n", req) - if err == nil { - if resp, err := t.client.Do(req.Context(), req); err == nil { - fmt.Printf("???? RESPONSE: %#v\n", resp) - resp.Body.Close() - } else { - // TODO: re-auth does not seem to work as expected - panic(err) - } - } - } -} - -func (t *TelemetryLite) Flush() { - // Stop accepting new events - t.Disable() - // Flush events in queue - close(t.queueCh) - // Wait for completion - <-t.doneCh -} - -func eventsURL() string { - url := os.Getenv("DAGGER_CLOUD_EVENTS_URL") - if url == "" { - url = "https://api.dagger.io/events" - } - return url -} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/tests/tasks/exec/user.cue new/dagger-0.2.14/tests/tasks/exec/user.cue --- old/dagger-0.2.13/tests/tasks/exec/user.cue 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/tests/tasks/exec/user.cue 2022-06-02 03:25:16.000000000 +0200 @@ -10,6 +10,14 @@ image: core.#Pull & { source: "alpine:3.15.0@sha256:e7d88de73db3d3fd9b2d63aa7f447a10fd0220b7cbf39803c803f2af9ba256b3" } + _imageMinusPasswd: core.#Rm & { + input: image.output + path: "/etc/passwd" + } + imageMinusPasswdGroup: core.#Rm & { + input: _imageMinusPasswd.output + path: "/etc/group" + } addUser: core.#Exec & { input: image.output @@ -37,6 +45,17 @@ """#, ] } + + verifyDefaultsNoPasswdGroup: core.#Exec & { + input: imageMinusPasswdGroup.output + args: [ + "sh", "-exc", + #""" + test "$(id -u)" = "0" + test "$(id -g)" = "0" + """#, + ] + } } } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/website/package.json new/dagger-0.2.14/website/package.json --- old/dagger-0.2.13/website/package.json 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/website/package.json 2022-06-02 03:25:16.000000000 +0200 @@ -49,7 +49,7 @@ "devDependencies": { "concurrently": "^7.2.0", "cypress": "9.7.0", - "cypress-localstorage-commands": "^1.7.0", + "cypress-localstorage-commands": "^2.0.0", "start-server-and-test": "^1.13.1" } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dagger-0.2.13/website/yarn.lock new/dagger-0.2.14/website/yarn.lock --- old/dagger-0.2.13/website/yarn.lock 2022-06-01 01:57:13.000000000 +0200 +++ new/dagger-0.2.14/website/yarn.lock 2022-06-02 03:25:16.000000000 +0200 @@ -4492,10 +4492,10 @@ resolved "https://registry.yarnpkg.com/csstype/-/csstype-3.0.10.tgz#2ad3a7bed70f35b965707c092e5f30b327c290e5" integrity sha512-2u44ZG2OcNUO9HDp/Jl8C07x6pU/eTR3ncV91SiK3dhG9TWvRVsCoJw14Ckx5DgWkzGA3waZWO3d7pgqpUI/XA== -cypress-localstorage-commands@^1.7.0: - version "1.7.0" - resolved "https://registry.yarnpkg.com/cypress-localstorage-commands/-/cypress-localstorage-commands-1.7.0.tgz#39840973de0a861d50b82f9fa548331db5973f5f" - integrity sha512-4v4FrDRPimMStWmiGikyN7OmO2rH0MLI7DMk76dBpb9/sJqCDwa7fAHTUDx6avUEDmO7TFQFgaT3OQTr1HqasQ== +cypress-localstorage-commands@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/cypress-localstorage-commands/-/cypress-localstorage-commands-2.0.0.tgz#d9ee2652573bd58542e7dc3e8fe942fbdcf42866" + integrity sha512-zN3kQXzVZL4QLXg2zivc8lOOXnRqzjKQg890pv7fKlofB2fTJx7HvMAnbK2dTQAodmOOtndXP1AnbjJahJtKSQ== cypress@9.7.0: version "9.7.0" ++++++ vendor.tar.gz ++++++ /work/SRC/openSUSE:Factory/dagger/vendor.tar.gz /work/SRC/openSUSE:Factory/.dagger.new.1548/vendor.tar.gz differ: char 5, line 1