-
Notifications
You must be signed in to change notification settings - Fork 557
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: extends mounted secret api #5707
Conversation
Only netlify failed, not related to the PR, I add the release note and we're good to merge |
@TomChv, don't create changie logs in SDKs if it's just the auto-generated code. This should just be an engine change. Each SDK release points to the engine release it's compatible with, and the change will be listed there. |
d5e763e
to
187d879
Compare
@wingyplus PR updated, I switched back to camelcase |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a little change.
I regenerate all clients and we shall be good to merge |
LGTM. 🚀 |
core/schema/container.graphqls
Outdated
""" | ||
Permission given to the mounted secret (e.g., 0600). | ||
|
||
Default: 0644. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Default: 0644. | |
Default: 0400. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Implementation LGTM, just some issues with the GraphQL docs and test.
core/integration/container_test.go
Outdated
Optional: true, | ||
}) | ||
|
||
_, err := ctr.WithExec([]string{"sh", "-c", "test $(cat /secret) = 'secret'"}).Sync(ctx) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As far as I can tell, this test doesn't actually check whether the secret was optional, or that the configured mode was respected. I think we need a test for each. You can run stat
to see the mode, and test -z "$(cat /secret)"
to test that it's empty.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I fixed the test and doc, but I'm not sure about optional? How can I mount an actual optional secret? @vito
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah it seems like you can't, so I wouldn't bother including an API for it. In Buildkit this is a thing because secret names are configured in a Dockerfile
and optionally provided by the user separately, but Dagger handles both together; an optional secret would probably just amount to passing an empty string to SetSecret
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Then should I remove the option?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, if we can't come up with a test for it, to me that proves that we don't need it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed in e833f5d
Resolves: dagger#3323 Signed-off-by: Vasek - Tom C <tom@epitech.eu>
Signed-off-by: Vasek - Tom C <tom@epitech.eu>
Signed-off-by: Vasek - Tom C <tom@epitech.eu>
Signed-off-by: Vasek - Tom C <tom@epitech.eu>
Co-authored-by: Thanabodee Charoenpiriyakij <wingyminus@gmail.com> Signed-off-by: Vasek - Tom C <tom@quartz.technology>
Signed-off-by: Vasek - Tom C <tom@epitech.eu>
Signed-off-by: Vasek - Tom C <tom@epitech.eu>
Signed-off-by: Vasek - Tom C <tom@epitech.eu>
49f2752
to
e833f5d
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm!
Resolves: #3323