Support for specifying dependencies from git url

[sipsma]

@aluzzardi currently went with the ssh auth sock approach because I think it will allow us to also seamlessly support specifying the nodejs sdk as a git url in package.json: https://docs.npmjs.com/cli/v8/configuring-npm/package-json#git-urls-as-dependencies

I'm guessing the token-based approach you mentioned could be made to work with that too, but not immediately sure so I just went with this for now. The downside of this approach is that it requires the user have an ssh agent (with SSH_AUTH_SOCK env), but that's probably okay for now (should unblock the use case in the demo if nothing else).

I need to verify the package.json git url will also work here, will update this with that before merging, but let me know if there's comments in the meantime.

[sipsma]

I have the setup where you can specify the nodejs sdk using a git+ssh URL working now, but there's some ugliness around it: you can't specify a subdirectory of the git url, so the options I'm aware of are to either make dagger/cloak have a non-workspace package.json in the root that builds the SDK or we need to have a separate repo like dagger/cloak-nodejs-sdk.

It's not clear to me what the right option is for now or if it's worth just avoiding this issue in a different way for the demo, so I'm just going to merge this PR as is without that change and then put my commit for the package.json git+ssh dependency support in the separate workflow PR here where we can figure it out: #95

[aluzzardi]

Argh, forgot to click submit yesterday. I just had a tiny nit that can be discarded

[aluzzardi]

tiny nit: why the reversal for this (e.g. happy path inside the if, error outside)?

Typically in idiomatic Go the "if" would be as small as possible.

https://about.sourcegraph.com/blog/go/idiomatic-go

• Handle unexpected cases and errors early and return often.
• Keep common or happy paths de-dented.
• When it’s not possible refactor and/or redesign.

[sipsma]

Oh I previously had other changes in this function where it made more sense to have this change. I undid them as I took a different approach but forget to undo the reversal here, will fix in my other open PR

[aluzzardi]

I have the setup where you can specify the nodejs sdk using a git+ssh URL working now, but there's some ugliness around it: you can't specify a subdirectory of the git url, so the options I'm aware of are to either make dagger/cloak have a non-workspace package.json in the root that builds the SDK or we need to have a separate repo like dagger/cloak-nodejs-sdk.

It's not clear to me what the right option is for now or if it's worth just avoiding this issue in a different way for the demo, so I'm just going to merge this PR as is without that change and then put my commit for the package.json git+ssh dependency support in the separate workflow PR here where we can figure it out: #95

Sounds good

What if we implement our own "subdirectory of the git url"? Basically wrapping llb.Git into a llb.Copy