What are you trying to do?

As an example, take a module I use for loading a container with NodeJS installed.

A bit simplified, it looks like this:

type Node struct {
	// Version to use
	Version string
}

func New(
	// Version to use
	version string,
) *Node {
	return &Node{
		Version: version,
	}
}

// Returns a container with NodeJS installed
func (m *Node) NodeContainer() *da...

Outstanding! I see the number is down already - hope this helps others who had the same feel. Thank you.

I played with some tinygo.org a while back, and I wanted to use Dagger with it.
After talking with @sipsma , it seems it wasn't supported by buildkit.

I just add this issue here as I believe it is quite close to the #4675

Buildkit has support for attestations: https://github.com/moby/buildkit/blob/master/docs/attestations/README.md

But Dagger has not yet integrated that into our APIs.

Any implementation should integrate with environment Artifacts coming as part of Zenith.

One user requesting feature here: #1138842816219459695 message

Was mentioned by folks at KubeCon Chicago.

Ok so, I had some ideas related to this :tada: This is my proposal for what we should do with attestations in dagger - thoughts welcome :heart:

[!NOTE]

I think we should pretty much follow the in-toto spec: https://github.com/in-toto/attestation/blob/main/spec/README.md.

Buildkit implements attestations that follow this pretty closely, however, today it only produces statements (that contain predicates). We'd also want to upstream/wait for signing to be done, so we could use...

I'm in the same boat as @anoop2811, we would like to use Dagger for our pipelines, and having provenance generation built in would be a huge plus!

Hi, just curious if there is any movement or ETA on this. Was evaluating dagger for my team and we are very interested in a way to publish SBOMs and provenance.

What are you trying to do?

When working with build results and generating final build artifacts (packages), I often need to create directories and merge them.

In theory, this works using the following:

dag.Directory().WithDirectory("", dag.Directory())

I'm not entirely sure it always merges directories though.

In any case, a function called Merge would reflect better what it does (similarly to Diff)

Why is this important to you?

No response

How are ...

It would be great if dagger install always worked, no matter the current working directory:

I propose implementing the second row: when calling dagger install outside a module, use the home directory as a pseudo-module instead....

Rather than putting it in $HOME/dagger.json and rely on find up, I think it's better to look for it in a "global" place like:

~/.config/dagger/dagger.json

Other than not polluting the home dir, I'm thinking what happens if you add a "source": ".". This would upload the entire $HOME directory to the engine. We can also forbid sources for this module.

One other feature I'm dying to have in this global module is global excludes, like git!

As part of #5583, I think we'll need some global state somewhere to track what compute drivers have been configured, and we'll need a place to put plugins.

I think it probably makes sense to use the XDG Base Directory Specification - this defaults to .config for config, .local/share for state (we can put downloaded plugins there). But then, users can also configure this to their preference.

Yes, XDG was what I basically alluded to. We already use it in our SDKs to know where to download the cli (automatic provisioning).

As discussed with @helderco yesterday. This is now a priority for the UX we want in the dagger shell: "always install a dependency before using it"

I've been trying to work around this by dropping a dagger.json at the root of my home directory, but I'm having trouble:

1. Error: failed to generate code: input: blob.diff.export resolve: failed to export: error from receiver: open /Users/shykes/.Trash: operation not permitted
2. Contents of my dagger.json gets randomly wiped by the Dagger CLI

Is there a way to have a reliable workaround?

What are you trying to do?

Dagger is really good at reading and executing Dockerfiles, but it would be really cool if you could generate a Dockerfile from Dagger as well.

Why is this important to you?

A few users have mentioned that rewriting their Dockerfile in Dagger (which is a good thing) has some downstream consequences. Most critically it breaks existing docker-compose setups.

How are you currently working around this?

No great workaround.

I remember i wrote it somewhere on my machine.😃

But some instructions are not supported by Dagger.

I remember i wrote it somewhere on my machine.😃

What do you mean by this? :)

A Dockerfile is often still necessary in certain cases, so this would be really cool.

I remember i wrote it somewhere on my machine.😃

What do you mean by this? :)

Sorry. I mean I writing a tool like this. But it’s translate from Dockerfile to Dagger. I think we might use graphql parser to translate back somehow.

I'm not sure how feasible this is. This would only really be possible for the most basic of dagger pipelines, but it's kind of unclear how this might work with modules/etc.

If we did decide to do this, the first step would be to remove all of our custom low-level buildkit parts, and either upstream these, or work out how to do without them. We have quite a lot of these, which allow us to do things that the buildkit runtime wouldn't normally let us do (custom sources, our own local ...

I'm not sure how feasible this is. This would only really be possible for the most basic of dagger pipelines, but it's kind of unclear how this might work with modules/etc.

If we did decide to do this, the first step would be to remove all of our custom low-level buildkit parts, and either upstream these, or work out how to do without them. We have quite a lot of these, which allow us to do things that the buildkit runtime wouldn't normally let us do (custom sources, our own local direct...

What are you trying to do?

Pass a duration value to a function using Go's native time.Duration type.

Why is this important to you?

Currently I have to use a string and manually parse it into duration which is cumbersome.

How are you currently working around this?

I use a string and manually parse it into duration.

Yeah you prompted me to start a spring cleaning :) It was long overdue. So thank you for the push.

+1 for this - the generated code creates an undefined Duration type. Not super urgent as we can pass and parse strings.

func (r ReadinessCheck) MarshalJSON() ([]byte, error) {                                                                                                                                                                                     
        var concrete struct {                                                                                                   ...

What are you trying to do?

Slurm is an HPC scheduler that is often used in large ML training jobs with hundreds or thousands of nodes. Slurm is deeply integrated with enroot as the container run-time and enroot uses squashfs.

Why is this important to you?

It would be great to generate the squashfs image directly and skip an in...

What are you trying to do?

I would like a way to express an explicit dependency in the DAG between two containers without necessarily passing an artifact between them. Today, containers can depend on services (WithServiceBinding) and they can depend on other containers with artifacts (create a file in container 1, then WithFile("/tmp/foo.txt", c1.File("/tmp/foo.txt")) in container 2) -- it'd be nice to not require the file.

Why is this important to you?

I have an integra...

What is the issue?

Add PHP-specific details to https://docs.dagger.io/api/daggerverse/

Right now, I do not believe daggerverse examples are supported by PHP SDK.

I will need to add support first, so I'll take this one and tackle both at once.🙂

What is the issue?

There is a language-native PHP example on https://docs.dagger.io/api/http#language-native-http-clients, which demonstrates how to interact with Dagger using a PHP HTTP client.

This example was created before the PHP SDK existed.

The question is whether to retain or remove it.

Argument for retain: it provides an example of communicating with Dagger using a raw GraphQL client. This could be useful for users who don't want to use the PHP SDK, who don't want to use mod...

What is the issue?

Add missing documentation for the PHP SDK. Individual page requirements are described in linked sub-issues.

What is the issue?

If there are PHP-specific troubleshooting tips or errors to watch for, add them to https://docs.dagger.io/troubleshooting

What is the issue?

Add PHP code snippets to https://docs.dagger.io/integrations/google-cloud-run

What is the issue?

Add PHP code snippets to https://docs.dagger.io/api/terminal

What is the issue?

Add PHP code snippets to https://docs.dagger.io/api/state

What is the issue?

Add PHP code snippets to https://docs.dagger.io/api/secrets

What is the issue?

Add PHP code snippets to https://docs.dagger.io/api/interfaces

What is the issue?

Add PHP code snippets to https://docs.dagger.io/api/custom-types

What is the issue?

Add PHP code snippets to api/cache-volumes page: https://docs.dagger.io/api/cache-volumes

What is the issue?

Update the cookbook to include PHP snippets for all recipes: https://docs.dagger.io/cookbook

What is the issue?

Add an example of returning an array to https://docs.dagger.io/api/return-values/

If /etc/passwd and /etc/group are present, use them to lookup UID/GUI if chown is supplied a string rather than int.

Add a core function to search the contents of a file.

extend type File {
  "Search the contents of the file"
  search(
    "The pattern to match the contents. Follows the Extended Regular Expression format"
    pattern: String!,
    "Number of matches to include"
    n: Int,
  ): [Match!]!
}

type Match {
  line: Int!
  column: Int!
  contents: String!
}

Dagger natively supports nesting (dagger in dagger). At the moment this is an opt-in feature (Container.withExec(experimentalPrivilegedNesting: true). This is as a precaution while we finalized the feature and made sure it's properly sandboxed.

Are we now able to say "mission accomplished" and turn it on by default? If not, what's the path to getting there?

Right now when an exec has nesting enabled the cache key for it includes the engine version, so it's cache invalidated when the engine version changes (i.e. an upgrade or a rebuild w/ changes when doing local dev on the engine).

IIRC the main motivation for having this caching behavior was our own integ tests (which make very heavy use of nested execs) and wanting the tests to be invalidated when we modified the code in the engine API. However, we could accomplish that for our own tests in a...

Outstanding! Since this is well-scoped and doesn't require any design bikeshedding, I'm marking it as a good first contribution.

SGTM I don't see any reasons why "not" doing this.

What are you trying to do?

I want to use the Java SDK to build pipelines with Kotlin script.

Why is this important to you?

Our whole Stack is Kotlin and we benefit fromm Extensions, so it's also our first choice for dagger.io.

How are you currently working around this?

we don't

@benkeil Just to let you know we are working on publishing the SDK to maven central.

Regarding Kotlin, this is working well (not the modules for now, just integration in Kotlin code).
Once libraries will be published we will also add some docs to use them with kotlin.

For instance this very basic code:

package com.mycompany.app

import io.dagger.client.Container
import io.dagger.client.Dagger.dag
import io.dagger.client.Directory
import io.dagger.client.ReturnType
import java.uti...

Any updates on this?

What are you trying to do?

according the guide to use podman you should symlink podman to docker.

it would be much better to allow to configure the "runtime" via config and/or environment variable. something like DAGGER_RUNTIME=/usr/bin/docker or DAGGER_RUNTIME=/usr/bin/podman

(btw the issue template is quite uncool for keyboard first persons if you have to jump between the three blocks "what are you trying to do", "why is this...

Thank your for all the context @c33s.

While I don't use Podman myself, I am wondering whether you could leverage DOCKER_HOST to point to e.g. unix:///run/user/1000/podman/podman.sock

With the help of direnv, the projects that need this combo could use e.g. export DOCKER_HOST=unix:///run/user/1000/podman/podman.sock . Using this config, Dagger would still use the docker CLI default for managing the Engine, but the docker CLI would be connecting to Podman instead of Docker...

What are you trying to do?

It would be nice to have a core function to get a tarball from a directory or a file

Methods api examples :
Directory.AsTarball()
File.AsTarball()

And eventually, the reverse functions, to get a directory from a tarball.

Why is this important to you?

We use a lot tarballs in our ci/cd pipelines and that make a lot of the same boilerplate to get what we need.

How are you currently working around this?

I use a basic alpine container, mount t...

I'd love for this. I'm running into the issue described here https://github.com/dagger/dagger/issues/6355 and this would be an excellent workaround.

We should also support unpacking files/directories as part of this.

[!NOTE]
Eliminating On-Prem Kubernetes Needs
This feature could potentially eliminate the need for Kubernetes (K8s) on-premises for companies looking to scale their DevOps engineering. By leveraging Dagger's distributed build system, teams could manage and scale their CI/CD pipelines more easily, reducing the overhead and complexity involved in maintaining an on-prem Kubernetes setup for build orchestration.

What are you trying to do?

We are looking to add support for distri...

For context, I'm one of those devs, and I think there are many of us out there, that almost never uses interactive repls or shells outside of my highly-customized zsh and the occaisonal database query webgui frontend.

I see the argument that folks are gonna write wrapper scripts for call regardless of SDK programmability, but is the idea here to build a featureful enough dagger shell that folks will be writing and committing dagger shell scripts as wrappers? a featureful enough shell th...

Linking https://github.com/dagger/dagger/pull/9076#issuecomment-2508203939 as it has similar questions

This is something that has come up quite a bit recently, mostly in the context of https://github.com/dagger/dagger/pull/8800#issuecomment-2479499749, but also around https://github.com/dagger/dagger/issues/8766#issuecomment-2474813161.

Even when we have a way to configure engine settings, there are a collection of user configurations that would make sense to apply per client-session, without requiring a whole engine reload. For example:

• Registry settings - today these are all only in ...

I suppose that this is where the user would reference the path to the mounting of the .gitconfig, for session-scoped git rewrite rules: https://github.com/dagger/dagger/issues/7787. Basically, the clean implementation to solve all those issues

I would love to just use the Client.connect function to specify engine specific stuff.

Dagger.connect(
    workingDir = "../", 
    caCertificatePath = File("/path/to/my/ca-certificates"),
).use { client ->
  ...
}

or maybe even better

val caCertificates: List<File> = functionThatLoadsCertificates()

Dagger.connect(
    workingDir = "../", 
    caCertificates = caCertificates),
).use { client ->
  ...
}

So I can get my certificates from somewhere (or what eve...

No disagreement on where we want the architecture to be eventually - but while we're not there, having the config fused together will be confusing - but I do think we can resolve that in docs.

If that is what we want, one fused file, some settings requiring a manual engine restart, and some not, then should we rename the existing engine.json to something else before we release, to avoid needing to rename it later on?

1. Agree we need a config file for Dagger that is environment specific, in other words: not dagger.json, and not checked into the app repo. Somewhere in the home directory makes sense.

2. Really not a fan of further splitting that into multiple files for multiple components, because: a) it's more concepts to learn for the user b) these concepts are mostly implementation details, c) the separation between components might actually move, eg. engine-wide config might shrink over time as we ...

I'm not sure I agree.

There are 3 very distinct "types" of config, written by different "personas":

• Module config. These settings belong only to the module, potentially #6323. The module author probably writes these.
• Engine config. These settings are tied to the lifetime of an engine, and aren't specific to a user (in the case of a shared engine). Things like garbage collection, or security configuration, etc) - when these are changed, the entire behavior of the engine can change (an...

Module config

• Module config. These settings belong only to the module, potentially A config file for my modules #6323. The module author probably writes these.

I'm torn on this part because it's got a foot in each world:

• One the one hand it's directly linked to module schemas... So if it's kept in the home directory it might get out of sync with the modules it's targeting
• At the same time, it's specifically meant to be envir...

It would be nice to have a core function to append to an existing file.

DagOp should help make this possible to implement when it lands: https://github.com/dagger/dagger/pull/9395

Since there's no LLB op to append to a file, we can't currently do this - but with DagOp, we'll just be able to implement it without that.

:tada: yeah, agreed :) It would be fairly easy to have this as a core api method, something like File.append.

Problem

One benefit of dagger shell is that it could potentially match the convenience of bash scripts. 👍 One drawback is that it could potentially match the portability of bash scripts 👎

Since the shell interprets scripts in the CLI, it gets its own sandbox, separate from module runtimes. This is an opportunity to design the sandbox for the ideal balance of portability and convenience.

Solution

We are still searching for the ideal balance of portability and conveni...

FYI @aluzzardi @jedevc @sipsma and anyone who might be interested in this topic

@idlsoft I think the bash syntax is a good way to enforce that host-side is for the last mile, and if your scripts start growing too large, it's time to move them to code in a regular sandboxed function - which means that has to be a good experience, too.

The second you want your host-side script to be callable by another script (something which is implied with "host-side scripts" and a more structured language like starlark), then you're on the wrong track.

To address your specific use...

host-side scripting is exactly what I'm missing in my setup.
I currently use bash scripts to prepend initialization functions to a dagger call, but this is very limited.
Ideally I'd like to be able to define "host-side" functions, that glue things together.
For example, a dev-generate function that drops generated sources to local directories, or a docker-build function that exports a docker container to the local engine.
It may be a bit much to do that with a bash-like shell though, ...

The second you want your host-side script to be callable by another script (something which is implied with "host-side scripts" and a more structured language like starlark), then you're on the wrong track.

Not exactly what I had in mind, but I get that this may be well outside the scope here.

I have a bunch of projects, different languages, but all of them should be able to do build, test, lint.
If certain env variables are defined, also deploy.

A "host side" skylark scri...

What are you trying to do?

I'm writing some tests that require the IP addresses of Services. Unfortunately I can't use hostnames as it's for a bespoke load balancing configuration that requires IP addresses.

If using testcontainers-go this is a simple call on a container which provides you with the IP address. Following this idea would be incredibly useful as it avoids the need to either manually manage the lifecycle of a Service or bind containers to it to obtain this information ...

What are you trying to do?

Today, Dagger enforces "some" validation rules on function parameters. For example, there is a way to define enums and enforce that a parameter passed to a function is a valid enum.

However, there are way more cases where validating input values would make sense and better support built into the SDKs would make module code more concise and easier to read.

Some examples:

• version number
• enums that are hard to represent as enums right now (eg. a limi...

cc @shykes @helderco wdyt? I quite like this, feels like a pretty easy way to improve module readability.

Personally, I like the validation interface better. The pragma may be more universal across different SDKs on the surface, but the accepted values there may not be that easy unify.

For example, some Go validation libraries support struct tag based validation (which is similar) and uses a language like this: notNull,mandatory,constraints:[StringNoControlCharacters{},StringLength{Minimum: 1, Maximum: 255}]

Supporting only regex can quickly become uncomfortable, implementing a more sophi...

Just going to add some comments here as I was going to post this feature request this morning as I was working on a module and needed validation.

        // version must be a valid PHP version
	switch version {
	case "8.2", "8.3", "8.4":
	default:
		return nil, errors.New("invalid PHP version")
	}

Having syntax that supported validation inline would be immensely useful for module developers.

I've used a few validation libraries and packages but the one syntax that I...

What is the issue?

add doc example for https://github.com/woodpecker-ci/woodpecker

What are you trying to do?

With the introduction of modules, developers can now reuse pieces of code for building their workflows, either built by them or other developers.

I mostly used my own modules so far, so adding new features or debugging module functionality wasn't particularly difficult.

When it comes to tinkering with third-party modules, especially for someone who isn't very familiar with how modules work, this may be more difficult.

This is how you do it today:

• ...

That would be quite handy! I’d like to add that vendor would probably be the best name for this command, as it's a commonly used term for including third-party dependencies directly in the codebase. Mimicking the replace directive from go.mod would be familiar to Go developers, but it would need to be adjusted for the JSON format.

The vendor command could pull in specified dependencies and automatically add a replacement field in dagger.json for each dependency, like so:

Directory.glob() should be callable without arguments. The intuitive default for pattern is **, which will match everything.

Making it optional means that the standard way of calling it would now require an opts struct - given that's probably the general case, I think it makes more sense to optimize that case for simplicity.

(note, this would also be a breaking change)

Making it optional means that the standard way of calling it would now require an opts struct

Only in Go :)

(note, this would also be a breaking change)

Only in Go :)

Suppose the following scenario:

// module foo
func (f *Foo) DoFoo(
	// +optional
	// +default=true
	arg bool,
	// +optional
	arg2 string,
} error {
	// ...
}

// module bar
func (f *Bar) DoBar() error {
	return dag.Foo().DoFoo(dagger.FooDoFooOpts{Arg: false})
}

As described in https://github.com/dagger/dagger/issues/7777#issuecomment-2203387161, this false won't apply, and we'll get the default true value set for arg.

That's because of the ...

Yeah, this is kinda weird - pointers let the callee handle this, but there's no way for the caller to handle it.

I can't call DoFoo from another Go module to get a false arg (no matter how it's been declared) - at the moment at least.

Is this problem present with pointers as well?

Woops, there is another way to handle this with pointers, edited to add this to the list of potential solutions.

Ooh, I like the arg chaining a lot, definitely way less verbose, and we don't need to do the messing around with interfaces. If we want to keep backwards compat, we can't quite have those names, we'd have to have WithArg or similar.

I think the FooDoFooOpts structs would just look like this then:

type FooDoFooOpts struct {
	Arg bool
	Arg2 string

	// we can use these set booleans to check if it was explicitly set
	// otherwise we fallback to querybuilder.IsZeroValue
	...

I think this version is less verbose:

dag.Foo().DoFoo(dagger.FooDoFooOpts().Arg2("hello").Arg(false))

Which would still allow this:

dag.Foo().DoFoo(dagger.FooDoFooOpts().Arg2("hello"), dagger.FooDoFooOpts().Arg(false))

Probably not used inline like that, but saved into vars and composed.

Incredible that I didn't realize this was a limitation. Would have led to big confusion. I am closely watching this as not having default true booleans would be bad for multiple reasons!

I like the chaining method if that's what you decide to go with and this will need to be well documented.

Can I suggest an option that may seem weird, but could have some potential? I call it "goofy/regular".

TLDR: introduce an alternative calling convention with a different DX and more features. The two conventions would co-exist, preventing any breaking changes.

• Regular convention: same as today.
• Goofy convention: encode the call in a single object, then make the call with Callxxx.

Benefits

1. A clean DX for explicitly setting and getting optional arguments
2. No breakin...

We discussed in discord, but summarizing my thoughts on the goofy calling convention (for the record):

• I agree on the callee example - this would be very useful in lots of places, like our gha module. No notes, let's do it :tada:
• For the caller example:
  • Setting required args through .Set methods has a few down-sides: it's now possible to accidental omit a required arg (the type checker can't catch this, and instead we get a runtime error), it's entirely different from every ...

Any traction on this? I ran into this again today and it wasn't a pleasant experience. To find details about it I had to search Discord. Would it make sense to document here until we arrive at a conclusion? https://docs.dagger.io/api/arguments/#optional-arguments

Just a simple question from a newbie here.

So is there no current workaround for having a default value of true? I'm not meaning to be a smarty-pants, but given none of this is documented (you guys really need to document this) I don't think I have any other easy way to find this out without just asking this question.

There are definitely multiple people in our company that have been directly impacted by this (just in case you need more evidence that this is an important issue.)

I agree. It's so easy to hit, I've done it multiple times myself without realizing.

I just learning dagger and I just ran into this as well. It was not obvious what the failure was and got lucky I knew @nipuna-perera who had already run into this. Otherwise I would be scratching my head.

Problem

As mentioned by @kjuulh and others, modules are powerful, but they have a steep learning curve. Going "from zero to first module" is major source of friction for adopting Dagger.

Solution

One possible solution: introduce the concept of single-file modules.

maybe this solution will solve your problem link

An isolated comment on this bit:

I think in practice, that requires containerizing the dev environment, and managing it in Dagger. IDE integration would then involve a devcontainer bridge, or equivalent. That makes IDE integration harder to ship, but we will need to cross that bridge eventually: the tech industry is already gravitating towards containerized dev environments, it's kind of silly that one of the most advanced container-based platforms out there, has no plan for that - not on...

I agree, the learning curve for dagger adoption is a bit more than it looks at the surface.

I do have a comment in the direction of doing two things/having two things pursuing the same goal.

From my experience with other tools in that space, e.b. GH Action, GitLabCI, both offer different ways to construct a workflow file. While both files end up doing the same thing, one looks entirely different from the other.
One is definitely smaller and nicer. However, and here is my big pay...

Speaking from the POV of Python modules here.

I think we should address the fact that our current IDE support is already not great, and we don't have a clear plan for addressing that. In fact, I don't think we even have a clear consensus on how we want to integrate with IDEs.

My approach has been to make modules normal Python packages, using conventions and standards as much as possible. I think this has the best chance of working as expected in several IDEs, without much effort...

Beyond any implementation details, could we consider dagger.json + <other file> - we could merge it all together:

// main.dagger.go
package main

// we could have a custom dagger block somewhere in the file, this could be language specific
dagger (
	name "my-module"
	engineVersion "v0.13.6"

	dependency (
		name "hello"
		source "github.com/shykes/hello"
	)
)

// the my module as normal

type MyModule struct {}

type (m *MyModule) Hello(ctx context.Context) (st...

Seamless IDE integration

I think that to make single-file modules a viable option as the default, while we don't need to be seamless, I think we should aim to be at near as good as a standard setup today. Otherwise, I suspect most users would quickly bail out. That said, if we had this, I would switch over to this instantly, I would love to be rid of the clutter we currently have.

From my memory, IDE integration these days tends to involve:

• Some syntax highlighting work (using ...

@jedevc would it be viable in the future, for each SDK to embed a custom language server? Then you could configure your IDE to call that. It would remove one load-bearing wall in this conversation: the need for checked-out files to match perfectly what a vanilla language server expects, always and without exception.

My approach has been to make modules normal Python packages, using conventions and standards as much as possible. I think this has the best chance of working as expected in several IDEs, without much effort from us. At least the Python SDK doesn’t cater to any one IDE specifically. And it doesn’t need to.

Whatever the reason, our users often complain about issues between their modules and their IDE. I'm not judging whether it's the best it can be - I'm just saying it's objectively a ...

would it be viable in the future, for each SDK to embed a custom language server? Then you could configure your IDE to call that.

Viable, yeah. Whether they're distributed as distinct components, or bundled into an SDK as a dagger.Service doesn't hugely matter IMO. Not to trivialize the distribution part of this, but it's definitely the easiest bit, the actual language server bits are gonna be the heavy bits.

I agree, I was thinking more of the "actual language server bits" ...

What are you trying to do?

just wanted to calculate the size of the files in a Container().Directory() with a combination of Directory().Entries() and File().SIze(), but calling Size on every File that is a symlink returns the size of the linked file.
would like to return the actual size on the filesystem of the symlink entry instead.

Why is this important to you?

had an idea to find the largest directories/files embedded in an image, a la the dive utility but simpler

How a...

Good thing we have Astral 😄 This is where the Python SDK strikes a balance. It only supports the uv package manager (uv.lock). uv is pretty great, we don’t need to support more. If you’re on a system without any Python tooling, all you need is to download this single binary once, and run uv run vim in your module to set it all up for you and get code completions.

This is a crutch. I shouldn't have to install anything on my machine to develop a Dagger module, other than Dagger.

+1....

Ah my bad, there's no sync in the language server protocol. I guess that rules out running it in an entirely separate container, some component of the LSP server will need to run on the host next to the editor.

But we can still do this: the language server just accesses the local files on the host, and can create "virtual files" in /tmp to jump to - all the generated files are still hidden from the user's current directory. This is sort of how go's LSP allows you to jump to definitions in th...

Problem

I can't pass a module as argument to a function. This prevents a whole class of use cases that require one module dynamically loading another. For example, the "platform module":

• 100 different applications each have a Dagger module. They all implement the same interface: Build(), Test()
• 1 module defines an App interface which includes Build and Test; and it implements a reusable Deploy method which takes an array of the Apps.
• App teams can call the platf...

Is it possible to pass any Dagger object other than the special cases like Directory as arguments in the CLI right now? I've wanted to do

x = dagger core container from --address=something/distroless directory --path=/
dagger --interactive core container from --address=fedora with-directory --path=/inspect --directory=$x terminal

But couldn't find a way to do it mentioned in the documentation. And I tried using from-id but the id expires by the time the next command runs.

Maybe...

This kind of thing is basically what we (nine) are doing right now using dagger shell. Our setup is we are constructing "dependencies" of our "main" dagger module in dagger shell, then passing those dependencies into the main module. The main module accepts the dependencies by interface.

An example of one of the dependencies we have is an AWS module that provides access to aws resources. We construct it in dagger shell to abstract away the differences per environment ( where our dagger func...

@M-Pixel yeah the dagger shell is meant to make this kind of composition easier.

Your example in dagger shell:

x=$(container | from something/distroless)
container | from fedora | with-directory /inspect $x | terminal

What are you trying to do?

Almost every pipeline has WithMountedDirectory().WithWorkdir(). It would be nice to have some sugar to do this in one call with something like WithMountedWorkdir()

The name probably needs some more thought because it could cause confusion between WithDirectory/WithMountedDirectory vs WithWordir != WithMountedWorkdir

Why is this important to you?

No response

How are you currently working around this?

No response

An optional parameter for WithMountedDirectory like workdir bool could work too. The DX in python and typescript would be fine. The DX in go would be worse than the current state though

What would WithMountedWorkdir do exactly? I just use WithMountedDirectory("."), doesn't that achieve the same result?

What would WithMountedWorkdir do exactly? I just use WithMountedDirectory("."), doesn't that achieve the same result?

It's a convenience helper for WithMountedDirectory().WithWorkdir() as it's generally what you end up doing in most cases.

I think instead of WithMountedDirectory("/foo").WithWorkdir("/foo") we should recommend WithWorkdir("/foo").WithMountedDirectory("."). It achieves the same result I believe (avoid awkward repetition of /foo) without further complicating our filesystem API. I think WithDirectory vs WithMountedDirectory is already too complex for most users, adding more complexity in that area is really best avoided unless absolutely necessary IMO.

we should recommend WithWorkdir("/foo").WithMountedDirectory("."). It achieves the same result I believe

yes, this also works.

adding more complexity in that area is really best avoided unless absolutely necessary IMO.

I wasn't necessarily looking at this from the complexity perspective but more like a shorthand since I've found myself writing WithMountedCache().WithWorkdir() pretty much every time. I guess it's the same reason I also value Golang's stdlib shorthands like `...

While I understand the argument from @shykes, this does bring back some PTSD from the Docker CLI days: -v .:/foo -w /foo.

WithWorkdir("/foo").WithMountedDirectory(".") is somewhat better.

(/me looking through all my modules to make sure I remove repetitions)

Yeah exactly @marcosnils , the motivation is to just type less. WithWorkdir() is almost always called with WithMountedDirectory() and this happens in almost every pipeline

+1 on WithMountedWorkdir

What are you trying to do?

The TUI buries a lot of warnings and messages by collapsing at the end, sometimes you need to communicate something to the user that is durable after a pipeline ends.

Why is this important to you?

For example: you might be telling folks that they need to update their module versions or that there is a next step needed.

Could be implemented by priority on custom OTEL spans, perhaps.

How are you currently working around this?

cc @vmaffet-fast @...

Reported by user in [Discord](#1295320684658036767 message).

The API has the following description on Directory.export:

Writes the contents of the directory to a path on the host.

This is misleading because when using a Dagger module, the directory is exported to the runtime container, not necessarily what you'd interpret as the "host". We should clarify this, but ...

Problem

We don't clearly answer the question: should we optimize for the best DX, or for flexibility?

• Best DX: one package manager, one runtime, one way to organize your files. Probably customizable, but not infinitely so. Probably easier to learn, easier to develop, and faster. But won't "blend in" with the surrounding project; and maybe harder to import code from app into the module or vice-versa

• Flexibility: adapt to your existing package manager, runtime, and layout as much as p...

@shykes

Best DX: one package manager, one runtime, one way to organize your files. Probably customizable, but not infinitely so. Probably easier to learn, easier to develop, and faster. But won't "blend in" with the surrounding project; and maybe harder to import code from app into the module or vice-versa

I personnally prefer this option since we can really focus on making the best out of our choice of runtime, configuration etc...
We can make our choice based on few points like sp...

@TomChv -

This is valid if we choose to adopt Node as runtime, but what if we choose Bun? Or Deno?

"what if we dropped Node in favor of Bun since Bun is waaay faster than Node in our benchmark" (Bun initialization is always <10s while Node is >15 uncached).

What is being done at initialization? I mean, is transpilation and type checking happening? I guess I need to work with the TypeScript SDK. 😝

Totally agree with you on that, do you have a suggestion of what time per run...

In terms of the package managers, it depends on how strict you want to be with where dagger modules live. If you go down the road of only supporting bun (for instance), you will pretty much requiring people to have a separate repo for their dagger modules, as it would likely clash with any monorepo setup.

But the dagger module is supposed to be in a different directory of your monorepo and ignore by the root tsconfig so it shouldn't clash.

Those are slightly different goals based on...

I agree that the two options aren't quite mutually exclusive, but it is a bit of a balancing act.

I'm not sure being more flexible would impact the learning curve but it would definitely make the path less straight forward and harder to make it work. You'll have to check the docs to see how to make the runtime using your specific package manager, because the they're more possibilities, you can get lost for a while, hitting strange dependency issues that could be avoided...

Personall...

So let me pose a question: How often do you experience that value?

I'd say this value can be experienced only when the CI takes so long it makes sense to endure the pain of dagger setup and runtime to run a small set of failing pipeline locally or avoid initial setup cost. Because any CI tool will always be slower than just running without a tool.

So CI tool should balance laziness and impatience. Should be easier than setting up and maintaining a local environment. Should be fast enough ...

I'm not seeing how the one should be exclusive to the other.

So, here is my 2 cents.

For sure the most used package managers should be supported. npm, yarn, pnpm. If only one has to be picked, it should be pnpm IMHO. I'm not seeing the reasons why choice of package manager can be problematic though either. 🤔

I wouldn't say customizability is necessary per se. But, extensibility is for sure. But, I understand it is hard for SDKs like Dagger offers. I'm also wondering what customiz...

What are you trying to do?

Currently the typescript sdk installs itself as a folder within the project and has its own package.json and lock file.
This makes things a little tricky to work around since there are now two separate places that try to manage the dependencies. This is especially true since the dagger code references the sdk.

Why is this important to you?

The 'normal' way for these types of dependencies are for it to be installed via a package manager and live within...

There are two unique parts. One is the SDK itself, and the other is the code-gen part.
Those could be split up. Some libraries that rely heavily on code-gen, like prisma, do this in order to keep a separation between the 'library' and the 'generated code'

That's actually a good idea, we might be able to split codegen & the SDK library, we would need 2 different important path though like

import { Container } from "@dagger.io/sdk" // Generated code
import { object, fun...

The way that prisma does it (and there are other ways), is that it has its static library as @prisma/client. Internally it references .prisma/client which is the pre-generated code that lives in node_modules.

This allows the user to import @prisma/client and have everything typed and working properly with their generated code.

The gritty details look something like

@prisma/client
  exports: 
    .: require('.prisma/client')
    ./runtime: // static code

.prisma/clie...

Currently the typescript sdk installs itself as a folder within the project and has its own package.json and lock file.
This makes things a little tricky to work around since there are now two separate places that try to manage the dependencies. This is especially true since the dagger code references the sdk.

We installed the SDK as a local dependency because the SDK itself is bundled inside the Dagger binary.

We could do it differently but that means you cannot use the SDK as local...

Assumption Note:
This comment assumes that the code for a generated module is only needed in the engine.

Another thing that may work. Since you only really need the types for development, the 'client gen' could just spit out a .d.ts file that extends the dagger types (and creates new ones).

That file could then just be gitignored.

(Take this all with a grain of salt, since I haven't looked too deeply on how things are constructed internally)

We installed the SDK as a local dependency because the SDK itself is bundled inside the
Dagger binary.

That is the main part that I'm wondering about

We could do it differently but that means you cannot use the SDK as local dep... or we would need 2 different runtime, 1 local and 1 remote

There are two unique parts. One is the SDK itself, and the other is the cod...

I’ve considered something similar for Python actually, but not exactly as suggested.

Let’s look at what makes up an SDK client library:

• The client bindings
• The client code that lives between the bindings and the communications with the API server, including a very simple connection logic based on only two env variables (session token and port)
• Code for supporting modules (introspection and registration, deserialization and serialization, validation and dynamic execution or dispatc...

First, thanks for the great write up. I'll go through this from top to bottom first, then have more freeform comments below. I also want to point out that I only have knowledge/experience of using the dagger cli with modules, so I can't really comment on cases that fall outside of that

Initial reactions / comments

Now you’re just left with the generated client bindings and the underlying code that knows how to talk to the API. I actually think this is all that should be published to...

Now you’re just left with the generated client bindings and the underlying code that knows how to talk to the API. I actually think this is all that should be published to the public package registry.

What are the generated client bindings here? I read that as it is the stuff that is generated from my 'client' module, although I'm most likely mistaken on this.

See this:

• https://github.com/dagger/dagger/issues/8424.

Basically the “client bindings” is what codegen generat...

I just created https://github.com/dagger/dagger/issues/8722 for the issue where I can't run dagger call locally. This is mainly caused by the fact that there are two separate package managers at play here. This is a similar issue that would play out in a monorepo

Related to that issue: https://github.com/dagger/dagger/pull/9531.
If extended to module's client gen, this would use the published library :)

Still a draft but it will solve that issue: https://github.com/dagger/dagger/pull/10846

This is important to me as an ops person because often the software I need to build comes with a Dockerfile that I do not control. Even if this is a Docker anti-pattern, Dagger should support it because it's a sharp edge for users:

even if I export-image, I can't use it in a build.

What are you trying to do?

it would be great to view all of a user's modules from something like https://daggerverse.dev/mod/github.com/levlaz/daggerverse (i.e. removing the module name from the URL to get to an index, similar to how you can do this on github)

Further, a github user's path would be good too if the user doesn't use a daggerverse repo. So https://daggerverse.dev/mod/github.com/levlaz

Why is this important to you?

No response

How are you currently worki...

Since a given author might have modules in many git repos in many git servers under different user/org names, it's an interesting question of "who is a user" (since we don't have a Daggerverse login today).
You can make a search today that might accidentally work like:

lev1 OR lev2
real example: https://daggerverse.dev/search?q=jpadams+OR+levlaz

It could make sense to allow search by git username/orgname through something like:

git-org:levlaz

What are you trying to do?

Expanding on https://github.com/dagger/dagger/issues/6605 which addresses the case for a dagger update command.

However, currently dependencies in dagger.json work more as a lock file - any kind of dagger install will be stored as the resolved ref. This makes it a bit hard to reason about dependencies and update them safely, etc.

It would be nice to have a way to declaratively pin the dependencies to a human-friendly ref and/or ideally a semver ex...

x-linking to https://github.com/dagger/dagger/issues/7898, which is gonna be resolved by https://github.com/dagger/dagger/pull/8587.

I think this is a step torwards dagger upgrade but not fully there.

Does the proposed changes to the syntax of dagger.json make sense to you? With source capturing the original from dagger install, and pin labelling the exact commit that we used.

Yeah I believe that should cover it pretty well (minus the ability to not commit the pin/lock versions, which I personally don't need). I like the idea of the combined source+pin string, it's probably simpler / better UX than having to know the difference between requirements and pinned dependencies, etc 👍

Problem

The current services API on allows 1-to-1, one-way service dependencies. The following topologies are not allowed:

1. Service A needs to connect to B, and vice-versa
2. Service A, B, C all need to connect to each other. Similar to how Docker-compose networks work out of the box.

Solution

Expand the Dagger API to support a wider variety of network topologies, without losing the benefits of the current design.

:wave: adding an update here to share that #8641 already allows this in a simplified way.

Summary

Make include/exclude patterns dagger.json relative to the context directory if they start with a slash (/).

Motivation

The include and exclude patterns in a dagger.json are always relative to the dagger.json file.

But with the recent Context directory feature, module authors are able to specify a path that is either relative to the root directory, or absolute to the context directory.

Example for a `f...

Summary

Create custom enumerations the same way they’re generated by codegen.

Motivation

Python enumerations are generated like this:

from dagger.client.base import Enum

class Severity(Enum):
    """Vulnerability severity levels"""

    UNKNOWN = "UNKNOWN"
    """Undetermined risk; analyze further"""

    LOW = "LOW"
    """Minimal risk; routine fix"""

    MEDIUM = "MEDIUM"
    """Moderate risk; timely fix"""

    HIGH = "HIGH"
    """Serious risk...

Problem

A module cannot return another module's type, or receive it as argument. This makes it harder to break down larger projects into several modules.

Solution

I'm not sure what the solution is.

• On the one hand, the lack of this feature is becoming quite painful
• On the other hand, I know that this has been considered, and the conclusion was: it would create intractable "dependency hell" problems.

I wonder if the dependency hell problems could be solved with name mangling?

F...

The original logic for this is illustrated in https://github.com/dagger/dagger/pull/6102#issuecomment-1813209934.

There was some discussion recently about this in #1285289216556925002 message.

• In other words, GoBuilder as imported by App would get its own namespace. I think this might make the dependency hell problem go away.

I don't think this works - if you return a AppGoBuilder from a module that's not `A...

If they are called FooAppGoBuilder and BarAppGoBuilder doesn't that solve the propagation problem?

I think this potentially solves this, but at the cost of making it very very difficult to use - the App name now has to propagate through the entire system - for deeply nested modules, this produces names that would be fairly unreadable.

It also means we'll struggle with caching - with different names in the graphql schema depending on the caller, different callers won't cache. Maybe we could inject the version into the name?

Actually! We potentially have a neat solution I thin...

I ruled this idea out when we first started thinking about this problem for a few reasons:

One is what Justin mentioned about "for deeply nested modules, this produces names that would be fairly unreadable"; this approach might be okay for dependencies 1 level deep, but it really breaks down in terms of comprehensibility after that.

Imagine a dependency graph of modules that looks like:

Bar 
     \
      Foo - Blah - Qaz - Common 
     /
Baz

If your module has a dep o...

What is the issue?

Yes, I know https://github.com/dagger/dagger/issues/7703 was debated. Not sure if the typescript SDK is not fixed yet or what.

Dagger is a build system for end-user projects. You should never arbitrarily add a LICENSE file if one does not exist.

@helderco -- your comments specify the exact behavior end users expect:

• dagger init --sdk .... -- no license file created
• `dagger init -...

This happens in the CLI, for every SDK. There's nothing specific to TypeScript.

But what you ask is actually in alignment with:

• https://github.com/dagger/dagger/issues/8511
• https://github.com/dagger/dagger/issues/8452

I know this has been discussed internally in relation to the Daggerverse, but I don’t know if anything’s been decided yet. \cc @jpadams, @shykes

Yes , I agree with @helderco , got the same warning while using go SDK ( common for every SDK) .

12:46:58 WRN no LICENSE file found; generating one for you, feel free to change or remove license=Apache-2.0

As Dagger generated a default LICENSE file with the Apache-2.0 license , it's a common behavior when creating new projects or modules.
What I'm debating is , can I safely remove this LICENSE file without any issues ?

What I'm debating is , can I safely remove this LICENSE file without any issues ?

Yes -- the goal of dagger is to not litter your source. If the LICENSE was not present before dagger, you are safe to remove it

Thankyou @drmikecrowe for the confirmation

Can we Introduce a command-line flag (e.g., --no-license) that users can specify when running dagger init to skip generating the LICENSE file.
Alternatively, moving the creation of the LICENSE file to the dagger develop command would ensure that it only appears when actual code is being generated as discussed in #6666.

Change would helps in **streamlining project initialization and reduce unnecessary clutter in reposit...

Can we Introduce a command-line flag (e.g., --no-license) that users can specify when running dagger init to skip generating the LICENSE file.

You can actually skip creating the license with an empty value to --license:

dagger init --sdk=go --license=

(--license= is that same as --license "")

But I realize that this is neither intuitive nor documented in --help. The reason for this is in:

• https://github.com/dagger/dagger/pull/7719#discussion_r16492684...

These are my personal opinions as an end user:

• Bottom line: NEVER add a license to an end user's production code unless the user adds the --license. Changing a proprietary project to open-source would be one of the worst things you could do (this is what happened to me).
• The dagger init/develop --license is the correct approach
• If you are trying to address Daggerverse modules, Daggerverse is broken beyond the LICENSE aspect and not very useful in the node/TypeScript world (sor...

I'm struggling with why you are trying to create a LICENSE file.

Here's my new-user view of my dagger journey. I'm your target demographic -- a devops experienced user that is looking for a better CI/CD solution

Scenario 1

dagger init inside the project directory

/my-project
  |- src/
  |- .git/
  |- README.md
  |- LICENSE (or lack thereof)
  |- dagger.json

Scenario 2

dagger init above the project directory

/dagger-folder
  |- my-project/...

@drmikecrowe, you're right if I understand you correctly, in that the LICENSE file is intended for the use case of standalone and reusable Dagger modules, that get indexed on the Daggerverse. However, we don't have a good way today to distinguish which case is which, and the discussion around how to integrate with existing projects is still in flux so things aren't set in stone.

This issue is a catch-all for a birds-eye view on the general subject of SDKs integrating with existing projects or monorepos in Dagger modules. Specific ideas or proposals benefit from a dedicated issue though.

Problem

SDKs have 2 conflicting requirements:

1. Don't interfere with host project
2. Make it easy to import code from the host project

This results in "wack-a-mole" situation where users encounter confusing errors when daggerizing, and require custom community suppo...

Came up as an idea when discussing with @shykes. Currently, we can use this pattern:

ctr = dag.
	Container().
	From("alpine").
	With(func (ctr *dagger.Container) *dagger.Container {
		if !dev {
			return ctr
		}
		return ctr.WithExec([]string{"go", "env"})
	}).
	WithExec([]string{"go", "build", "-o", "binary", "./pkg"})

With can be used to easily insert little conditionals into the chain, without breaking it! However, it's a bit unwiedly. What would be really nice...

Yeah sgtm. Just If is a reserved keyword in languages that start function names with a lowercase, so I prefer IfWith, since it's also suggestive that it works like With.

Follow up from #8486

On the daggerverse modules can have long and short descriptions..

PHP SDK Modules do not currently support this.

Problem

The Dagger API lets you manage the platform (OS + Architecture) of containers. But there are limitations in the API that make some use cases awkward, or sometimes impossible.

For example, given a Container that may point to a multi-architecture image, I can't select a platform:

// Return the version of an image for a specific platform, or an error if the platform is not available
func GetPlatform(img *dagger.Container, platform dagger.Platform) (*dagger.Conta...

Related https://github.com/dagger/dagger/issues/6675

Sometimes a Dagger module needs to import code from the project it's embedded in. For example, in our own CI we use a distconsts package to share constants across the Dagger codebase, and the pipelines shipping it. Things like the default path of the engine's state directory; etc.

There's no officially recommended way to do this. What Dagger does for its own CI, is not mentioned in the docs, and we don't know whether it's a good pattern, because we haven't discussed it. So let's discuss ...

In a polyglot monorepo setup, how would this work? Should it be aligned with the Dagger module's SDK, meaning it can't import a pip package in a Dagger module built using the Go SDK? Overall, it's a great idea.

Multiple dagger sdks in one repo... is that an option? maybe that's not sane though. But, if a team is working in a polyglot way, if dagger does support that language, why not have multiple dagger sdks? - Would be cool to rollup into something like dagger functions - but it know...

In a polyglot monorepo setup, how would this work? Should it be aligned with the Dagger module's SDK, meaning it can't import a pip package in a Dagger module built using the Go SDK?
Overall, it's a great idea.

One solution that works today is to leverage module dependencies, as described in:

• https://github.com/dagger/dagger/issues/8496

But I think allowing include/exclude patterns in a dagger.json to reach the context directory, would provide more fine-grained control, and it would be easier to manage:

• https://github.com/dagger/dagger/issues/8531

@Excoriate @pjmagee yes, for polyglot monorepos, it's ideal to have different modules in different parts of the repo, each with its own SDK.

But sometimes one of those modules will need to import code from the application module within the same language silo. That's what this issue is about.

Using native imports as an alternative to multiple modules is definitely not recommended, edit in a polyglot repo.

But I think allowing include/exclude patterns in a dagger.json to reach the context directory, would provide more fine-grained control, and it would be easier to manage:

• Allow dagger.json include/exclude patterns to match context directory #8531

Correction, it's actually doable with include/exclude patterns to import code from outside the module, but could be better with:

• https://github.com/dagger/dagger/issues/8548
• h...

What are you trying to do?

When we write a Dagger module, we need a package.json, go.mod, etc.

These files contain version information that can be consumed by the Daggerverse publishing process.

Currently, we're expected to use Git tags, which when used in a repository housing many modules is far from ideal; mostly because Git and GitHub just don't expect developers to work in this paradigm.

I'd like to see the package manager file used and mapped to a SHA rather than litter...

When we write a Dagger module, we need a package.json, go.mod, etc.

I don't think go.mod has a version in it. Or does it?

Currently, we're expected to use Git tags, which when used in a repository housing many modules is far from ideal; mostly because Git and GitHub just don't expect developers to work in this paradigm.

Go modules seem to have adopted this pattern and while it's not perfect, I've seen it work well enough.

Problem

Dagger SDKs have access to the entire context of their host project. This allows for in-depth integration, but it also creates the risk of SDKs accidentally interfering with the project. This risk increases with the number of SDKs, and the fragmentation of host projects (different package managers, different conventions, etc).

Recently I have noticed an increase in the number of users reporting problems of this nature.

Solution

I propose sandboxing SDKs. This would p...

For me, ideally, you'd sandbox by default (in any case), but allow users to explicitly specify what else from the repo should be included when the module loads.

Solutions may vary to allow for it, but when it's managed by the user explicitly, it still allows some advanced use cases, without the confusion in simple ones.

To be clear, the Go SDK no longer modifies the parent go.mod during codegen:

• https://github.com/dagger/dagger/issues/7527

But the Go SDK is still the only one that loads files from outside the root directory, in all cases:

• https://github.com/dagger/dagger/issues/8496

If we stop overwriting existing files on init, it's a simple change that goes a long way towards this:

• https://github.com/dagger/dagger/issues/8123

So then, the only thing remaining to completely sandbox, wo...

Agreed, this sounds like the right approach - if we do this, do we go for a slow deprecation with backwards-compat? Honestly, it feels unlikely to break reusable modules in the daggerverse, and more likely to effect the monorepo use case.

I think it's potentially worth considering a hard break here, since supporting both the code paths for this very tricky logic seems quite challening.

What are you trying to do?

Users often use _EXPERIMENTAL_DAGGER_RUNNER_HOST during development with a dev engine or in corporate environments where they are using a custom engine with certs or proxies set. It's all too easy to leave that env var set in your shell (or in CI) when you intend to use a released Dagger engine via the dagger CLI, for example.

see also: https://github.com/dagger/dagger/issues/6599

We should give users informative messages if `_EXPERIMENTAL_DAGGER_EN...

Problem

I can access files "embedded" in my module source, with dag.CurrentModule().Source(), which is super practical. But if I make a mistake and the file is not there, I will not get an error when loading the module - only when calling the particular function that uses the file. I just got bit by this today.

Solution

It would be great if missing embedded files were detected at module load. This would give me more confidence that I am not shipping my module with a hidden fl...

What are you trying to do?

It would be fantastic if we could allow argument annotations on functions, this would allow pulling the environment from .envrc or .env files

Why is this important to you?

Each service in my mono repo configures itself with direnv. Currently I'm duplicating a lot to make workflows work locally and in Dagger.

How are you currently working around this?

Related

• https://github.com/dagger/dagger/issues/9584

I'm curious @rawkode, is this what you're referring to?

I had to write this in PHP, as a workaround. It would be great not to have to do this

    private function loadEnvArgs(Container $container, Directory $source): Container
    {
        $envContents = $source->file('.env')->contents();
        $envVars = parse_ini_string($envContents);

        foreach($envVars as $envVarKey => $envVarValue) {
            $container = $container->withEnvVariable($envVarKey, $envVarVal...

No. My request is for the ability to skip using --value env:SOME when invoking Dagger CLI.

To keep things excplicity, I would explicitly speicify environment variables that need to be imported to dagger, And I would have to types importEnvVar(NAME) and requireEnvVar(NAME). In the second case Dagger will fail if the env var does not exist or is empty.

@rawkode to confirm your use case, you are referring to adding a feature the allow module/function arguments that are currently passed as flags to support environment variables; similar to tools like urfav/cli environment variables?

If I was using the example from the docs it would look something like this?

package main

import (
	"context"
	"fmt"
)

type MyM...

Yep!

I have written a shell script to workaround this in the meantime.

#!/bin/sh

envFile="/envFile"

# Check if the file exists
if [ ! -f "$envFile" ]; then
  echo "Environment file not found: $envFile"
  exit 1
fi

# Read the file and export each line as an environment variable
while IFS='=' read -r key value; do
  # Ignore empty lines or comments
  if [ -z "$key" ] || [ "${key:0:1}" = "#" ]; then
    continue
  fi

  # Export the environment variable
  export "$key"="$value"

  # print t...

Related https://github.com/dagger/dagger/issues/9584

What is the issue?

I have recently started using Dagger and have experienced a lot of friction, due to not being able to understand how Dagger behaves. Here are two examples of things, which I found confusing as user:

• When running with_exec on container, and starting a process in background such as socat, for example using .with_exec(["/bin/sh", "-c", "socat tcp-listen:2375,reuseaddr, fork tcp:dockerd:2375 &"]).with_exec(["ps", "aux"]), then ps aux does not display the socat p...

Thank you @thecooldrop. Agree that we can improve the docs in these areas.

• Have you seen any docs that do a great job with setting that kind of context for new users?
• Are there existing sections in the Dagger docs where you'd expect to find the information you were looking for? Which ones?
• Or do we need a new section or sections? If so, what would you call them?

Regarding your questions:

• I have no reference to an example from other projects, which could serve as a guide toward this. Gradle may be good, since it also starts out by demonstrating a simple usecase, and then iteratively deepens the discussion of specific areas in additional sections. For me usually structuring the documentation around basic usecase and then providing a deeper look, in one colocated area is usually very helpful.
• There is currently no section which I would put this ...

What is the issue?

I am using dagger as a part of my blog publishing workflow and one feature that includes is being able to preview my blog locally by wrapping hugo in a dagger function.

// build and serve local hugo site
func (m *Publish) ServeDev(ctx context.Context) *dagger.Service {
	path := "/src"
	return m.base().
		WithMountedDirectory(path, m.Src).
		WithWorkdir(path).
		WithExposedPort(1313).
		WithExec([]string{"hugo", "serve", "--bind", "0.0.0.0"}).
		AsSer...

What is the issue?

Initially reported [in Discord](#github message), Dagger 0.15.1 running on GitHub Actions doesn't appear to respect ContainerWithFileOpts permissions as it did previously in 0.14.

The permissions are applied as defined in the dagger code in these cases:

• Local
  • 0.14.x ✅
  • 0.15.x ✅
• GitHub-hosted Runner
  • 0.14.x ✅
  • 0.15.x 🚫

I expected the permissions set in Dagger t...

Okay, I've tried to reproduce what you're seeing, and kind of struggling.

So, I've setup a test repo https://github.com/jedevc/repro-dagger-9250 - here's the go code:

package main

import (
	"dagger/example/internal/dagger"
)

type Example struct{}

func (m *Example) Test(mydir *dagger.Directory) *dagger.Container {
	return dag.Container().From("alpine").
		WithFile("entrypoint.sh", mydir.File("entrypoint.sh"), dagger.ContainerWithFileOpts{Permissions: 0500})
}

and the github act...

Investigating this now, will let you know if I need more info! Sorry for the delay!

One note... the dialing issue you see in the log output is likely caused by the engine startup taking longer than it used to. I suspect that this may be fixed by https://github.com/dagger/dagger/pull/9430 (which is where I was seeing such a slow-down). Regardless, I think this is probably unrelated to the permissions issue.

Were you using a shared /var/lib/dagger between different dagger jobs?

@jedevc wow, sorry I missed your responses :( I ended up moving away from GitHub hosted runners so it ceased to be a problem for me.

Maybe @Master-Y0da can help you with more detailed instructions on how to reproduce.

facing this problem right now...cant run my pipelines in local...using fedora.

What is the issue?

I want to use interactive mode (dagger -i ...) to debug issues. But the services always get dropped. If they could remain up, it would be really helpful.

Dagger version

dagger v0.15.1 (registry.dagger.io/engine:v0.15.1) darwin/arm64

Steps to reproduce

// interactive shell looses the service dependency currently (0.15.1)
func (m *Treasury) ExperimentWithService(
	ctx context.Context,
) (string, error) {

	service := dag.Container()....

I experienced this need/want while debugging as well. Would be amazing. cc @aluzzardi

What is the issue?

In the explanation of Services the grace period of Services is mentioned, but with no introduction of what that is, nor of what it does. I would like to have documented:

• What does it mean that Services have grace period?
• What is the effect of the grace period?
• How can we avoid the effects of grace period ? From current documentation about Redis, it seems that the grace period can be wroked around.
• Provide a clear ex...

Problem

It has been raised by a user in Discord (https://discord.com/channels/707636530424053791/1316771968762253312) that WithMountedCache seems to be honoring the engine's default user:group permissions. This causes issues as it breaks the pipeline portability depending on how the the engine is provisioned

Solution

How about if we enforce root:root for all WithCacheVolume calls unless the Owner field is set in the call?

Steps to reproduce

1. run the eng...

bumping this one since another user tripped with it today #1366222120173965312 message.

This also happens to all With* methods that create files or directories in the underlying containers.

https://github.com/dagger/dagger/blob/6a237d77d1277951d41f307b2505eee44a110747/docs/current_docs/integrations/nerdctl.mdx?plain=1#L15

The line above seems to imply that dagger can be used with rootless containers.

However, https://github.com/dagger/dagger/blob/main/core/docs/d7yxc-operator_manual.md#can-i-run-the-dagger-engine-as-a-rootless-container states very explicitely that the Engine cannot be ran rootless.

Would it be useful to clarify that point on the nerdctl page ? Or did...

Good shout @gotcha - looks like we made a mistake in https://github.com/dagger/dagger/pull/8242.

Dagger doesn't support rootless, so yes, the instructions are wrong.

Rootless support is eventually possible - however, it's not on the immediate roadmap. There's quite a lot of work and plumbing we'll need to make this work. We do a lot of custom networking to enable Services, and similar things.

That's not to say it's impossible (I'd definitely like to support it one day), it's that it's not currently a priority - we're a small team, we sadly don't have infinite capacity. Atm, a lot of our effort is working on improving performance, building out better ...

Dagger doesn't support rootless, so yes, the instructions are wrong.

Security conscious organizations do not like this state of affairs. Are there plans to support rootless, even far away ? Or is that a no go ?

you might be able to use rootless with a custom OCI runtime like nerdctl

The https://github.com/dagger/dagger/issues/1287#issuecomment-1673365304 also suggests to research nerdctl support. Should it be edited ?

@gotcha the Dagger engine acts as a container runtime. As such it is normal for it to have system privileges required to run containers. Running dagger in a rootless container means running runc+containerd as a rootless container: not impossible but more of a science project; and not required for security.

Security-conscious teams should apply the same best practices to dagger as they do to buildkit/containerd/runc. In practice that means vm-level isolation of workloads.

@shykes Thanks for the detailed answer. Not being a security specialist, your words will help me having constructive conversations with people that jump to quick conclusions based on your documentation.

I appreciated your take on this that you stated in https://www.youtube.com/watch?v=Sn1w51Vh0mM

What is the issue?

This is particularly problematic when the Engine exits / gets killed and the CLI continues to run. Without an external timeout (e.g. GitHub Actions job timeout), the CLI execution will not terminate.

Furthermore, pressing q once does not quit the CLI. In other words, the CLI is not able to terminate gracefully when it's no longer connected to the Engine.

Dagger version

dagger v0.14.0 (registry.dagger.io/engine:v0.14.0) darwin/amd64

Steps to ...

Follow-up of #python message

The Python SDK now relies on the ghcr.io/astral-sh/uv container image:

with the migration to uv (for python sdk) there is a new container image used (ghcr.io/astral-sh/uv). Now in enterprise environments that is not allowed, like in my case and you need to set container registry mirror. The problem with that is that our mirror requires credentials and I can not change than. I also can...

I don't think this is Python specific even though it could affect Python daggernauts more due to the non-default ghcr.io (GitHub Container Registry).

The problem seems to be having a private container registry mirror (in the engine) that requires authentication. OP is having difficulty setting that up.

Sorry for a delay from my side, I've been busy with other stuff.

I'm logged in into the mirror and I can do docker pull without any issues, uv images get pulled down via docker cli. Then running the dagger command fails because it can not pull from our mirror. This iswhat I'm doing.

engine.toml is:

debug = true
trace = false
insecure-entitlements = ["security.insecure"]
[registry."docker.io"]
  mirrors = ["OUR_MIRROR_DOMAIN"]
[registry."ghcr.io"]
  mirrors = ["OUR_MIRROR_DOM...

Some users have been encountering issues when trying out out Git credential helpers in CI

I am moving the conversation to its own issue @pspurlock, and cleaning up the other (everything was screenshotted)

After discussing with @nipuna-perera, they do manage to make it work ; It seems to be a configuration issue / patterns to use, which shall become a standard.

Next step on my end:

• [x] Working repro for GitHub / GitLab / BitBucket
• [ ] Isolate the pattern and documen...

cc @vikram-dagger, where shall i document those examples ?

https://docs.dagger.io/integrations/gitlab would work - thanks for creating this example :)

hey @pspurlock

I have a working implementation in a gitlab-ci.yml:

image: docker:latest

services:
  - name: docker:${DOCKER_VERSION}-dind
    alias: docker

variables:
  DOCKER_HOST: tcp://docker:2376
  DOCKER_TLS_VERIFY: '1'
  DOCKER_TLS_CERTDIR: '/certs'
  DOCKER_CERT_PATH: '/certs/client'
  DOCKER_DRIVER: overlay2
  DOCKER_VERSION: '24.0.6'
  GIT_USERNAME: "grouville"
  GIT_TOKEN: "${PAT}"

stages:
  - build

dagger_job:
  stage: build
  before_script...

@grouville Thanks for doing this. I can't try out your example fully because dind requires privileged mode for the runner which we don't allow. However, I did try to mimic it as much as possible and still get the same access denied error.

For context, we have a gitlab runner deployed alongside a dagger engine/deamon in a cluster. When we run a CI Job, we then use _EXPERIMENTAL_DAGGER_RUNNER_HOST so that the CI Job will connect and use the daemon running in the cluster. So when `dagger -m...

@grouville Thanks for doing this. I can't try out your example fully because dind requires privileged mode for the runner which we don't allow. However, I did try to mimic it as much as possible and still get the same access denied error.

For context, we have a gitlab runner deployed alongside a dagger engine/deamon in a cluster. When we run a CI Job, we then use _EXPERIMENTAL_DAGGER_RUNNER_HOST so that the CI Job will connect and use the daemon running in the cluster. So when `dag...

Mmmh, weird 😢 i'd be happy to sync with you to debug that live

Normally, the source of truth is always the CLI, so the one running in the CI Job that is running the dagger call command. I'll try with the _EXPERIMENTAL_DAGGER_RUNNER_HOST, if there's a bug, but I don't think so.

I have tried to add credentials in both places and neither have worked, but it would help to clarify. I know it isn't a credential issue because I can run the same credential helper commands and then git clone successfully before the dagger command fails.

If you make the same behavior as I did above, basically setting your own credential helper, if you add a step that actually prints it:

- script:
    # this should print user and pat -- please ensure that 
    - /tmp/git-c...

is it possble to configure this at global level something similar
git config --global url."https://gitlab-ci-token:$GITLAB_TOKEN@gitlab.com/".insteadOf "https://gitlab.com/"

Hi @skycaptain 👋

Thank you for digging the root cause, I was falling short on time 🙏

• We already retrieve the username, so totally doable -- it means that users will always have to specify the username, for every provider. If well documented in our docs, would that be ok ? x-access-token for all the other CI providers, gitlab-ci-token for gitlab

• Regarding your pipeline example, I really like it ; smoother indeed.

• Regarding the use of the cache `git config --global...

I narrowed it down to just using the .git-credential file since the helper store will ultimately do this anyway. Nice and tidy and ofc its wiped after every ci run:

  - echo -e "https://gitlab-ci-token:$PAT@myproject.com" > ~/.git-credentials
  - git config --global credential.helper store
  - dagger call ...

We already retrieve the username, so totally doable -- it means that users will always have to specify the username, for every provider. If well documented in our docs, would that be ok ? x-access-token for all the other CI providers, gitlab-ci-token for gitlab

In my experience, users of private repositories are accustomed to specifying both username and token. If the following line from the documentation represents the intended goal, then I would expect Dagger to use whatever username t...

I want to bring attention back to this issue, as it is currently blocking from effectively using modules on GitLab due to the incorrectly hard-coded username used for HTTPS authentication being incompatible with CI_JOB_TOKENs.

Should we split the "HTTPS with GitLab not working with CI_JOB_TOKEN" or "Dagger not respecting username for HTTPS auth" into a separate issue? The initial intent, as the title suggests, was to provide examples in the docs. However, the discussion revealed an issue wit...

This doesn't (Still valid json)

// +default="['one','two','three']"

This is a valid JSON string, not a valid JSON list (also note, even the contents of the JSON string aren't valid JSON - only double quotes are valid JSON strings).

Agreed this should be better documented, but I don't think we should make the second example work.

What is the issue?

When the engine autoscaled due to increased load, it took approximately 4 to 5 minutes to start jobs because of the size of the caches. During 20 to 30% of these autoscaled job executions, the engine suddenly stopped responding and left the jobs hanging.

When I look to engine logs or k8s logs I can't see any error, issue or event related to this other than screen shot of the engine logs and job logs.

Dagger version

v0.13.7

Steps to reproduce

It is happe...

What is the issue?

I'm trying to run dagger develop --sdk=python after the initiation with a name.

Dagger version

dagger v0.13.6 (registry.dagger.io/engine:v0.13.6) darwin/arm64

Steps to reproduce

dagger init --name=blah

dagger develop --sdk=python

Log output

✔ connect 0.2s
✔ cache request: mkfile /schema.json 0.0s
✔ load cache: mkfile /schema.json 0.0s
✔ cache request: blob://sha256:9121d31121f4c30e725664dd17c07133b4cb49e375a465f39f740736d4e...

Same issue with dagger v0.14.0 (registry.dagger.io/engine:v0.14.0) darwin/arm64

Trying to run the quickstart in the docs here (w/o Dagger Cloud)
(Go SDK)
~trying to authenticate to azurecr.io (Microsoft Azure Container Registry).
Verified the credentials, if I do a docker login (locally) then it works, but it doesn't seem to be able to use the docker login credentials when run in a Github action.~

Works here, with azurecr.io...

Same issue with dagger v0.14.0 (registry.dagger.io/engine:v0.14.0) darwin/arm64

Trying to run the quickstart in the docs here (w/o Dagger Cloud)

What happened? What did you expect to happen?

Hello,

I'm running Dagger in GitLab CI. I'm using it to request certificate to Hashicorp Vault. However Dagger prints the output of the request in plaintext in our GitLab CI, which includes the certificate key. Is there an option to specifically disable the output of a command in Dagger UI, without silencing everything else (with -s)?

Thanks.

maybe this solution will solve your problem link

I just ran into this as well.
I did noticed that there is a redirectStdout option that redirects the output to a file, but the results still show up in the logs

Wouldn't the existing api with redirectStdout cover it?

.withExec(['cmd', 'arg1', 'arg2'], {redirectStdout: '/tmp/output.log'})

Or do you mean more generically with something like

.withExec(['cmd', 'arg1', 'arg2'], {suppressStdout: true})

What are you trying to do?

I am creating a simple Dagger function that uses context directory. I am using defaultPath for the directory but when coding the function, I intuitively used default instead of defaultPath. The defaultPath is a special pragma for Directory however, the error I got in the CLI did not indicate this. It was cryptic.

Produce a better error message when the user accidentally uses default instead of defaultPath

Why is this important to you?

It...

What is the issue?

I have a daggerverse repository that contains multiple modules I want to use from other repositories using dagger -m ...

When I call dagger -m ../daggerverse/ci call , I expected defaultPath to load data from the current repository, but instead, I get the content of my daggerverse repository, which make defaultPath useless here

However, if my ci module call another module that also has a defaultPath="/" argument, then will get the content of th...

maybe this solution will solve your problem link

What is the issue?

This Go code in a dagger module:

func (m *Rack) Join(r *Rack) *Rack {
    m.Name = m.Name + "+" + r.Name
    m.Services = append(m.Services, r.Services...)
    return m
}

Gets generated as:

func (r *Rack) Join(r *Rack) *Rack {          
        assertNotNil("r", r)
        q := r.query.Select("join")           
        q = q.Arg("r", r)
                                             
        return &Rack{
                query: q,           ...

I think this is a specific case of https://github.com/dagger/dagger/issues/6186 - linking against that one.

maybe this solution will solve your problem link

What is the issue?

Dagger container entrypoint issue when engineVersion is missing in the dagger.json (I had found this when I tidied up the remote private daggerverse JSON file based on a much older Dagger version example online)

In my particular case I was pulling a container, with a mounted directory and work dir and then running a simple with_exec(["ls","-ls"]) and that was failing when called with -m (with my "tidied up" dagger.json) but worked OK locally as that still engineV...

What is the issue?

As asked on Discord, the code attached exhibits a weird behaviour depending on how it is invoked.

dagger call build something fails with Error: this.myDirectory.file is not a function
dagger call build env base with-exec --args cat,/x succeeds

Note how the build something is fundamentally doing the same as the second CLI command. It appears as if this.myDirectory magically becomes...

Problem

Can't call dagger call test terminal on this pipeline:

import { dag, Container, object, func } from "@dagger.io/dagger";

@object()
class Lala {
  /**
   * Returns a container that echoes whatever string argument is provided
   */
  @func()
  async test(): Promise {
    const s1 = await dag
      .container()
      .from("nginx:latest")
      .withExposedPort(80)
      .asService()
      .withHostname("web1")
      .start();

    return dag.container...

Problem

Getting the following error when trying to define a type with the same name a as a module type:

Error: input: module.withSource.initialize resolve: failed to initialize module: failed to add object to module "program-backend": failed to validate type def: object "ProgramBackend" function "Cache" cannot return external type from dependency module "cache"

main module:

package main

type ProgramBackend struct{}

type Cache struct{}

// Returns a conta...

cc @helderco might know what's happening here

Hm, this looks like a naming confusion error :thinking:

I suspect we're getting something wrong in the go codegen / engine here - this is where the error is from: https://github.com/dagger/dagger/blob/8b3b8af59328d341a0486eaf1463736ca376849b/core/module.go#L475-L484

(already validated, skip is not the right comment for this code :thinking:)

@marcosnils can you confirm, the main module has your dependent module installed? Also, what are the names of the modules? If the depend...

Problem

dagger develop doesn't seem to be using proper grouping in the telemetry spans. Here's the output of an example call:

dagger develop
✔ connect 0.2s
✔ cache request: mkfile /schema.json 0.0s
✔ load cache: mkfile /schema.json 0.0s
✔ cache request: blob://sha256:3f96dc98cb3827315b7c4f8e21be0fec3eabd82f4c09031d83f87650b1b5519c 0.0s
✔ load cache: blob://sha256:3f96dc98cb3827315b7c4f8e21be0fec3eabd82f4c09031d83f87650b1b5519c 0.0s
✔ moduleSource(refString: "."): ModuleS...

I think init has the same issue? Maybe also query/etc - should probably look through other commands as well to see where we see this issue.

It would be great to solve this one :)

It would be great to solve this one :)

Sure, feel free to give it a shot @mcruzdev

What is the issue?

Following some Discord discussions and buildkit comments (https://github.com/moby/buildkit/issues/1143#issuecomment-2327052682), I tried using the experimental dagger cache, pushing to a private docker registry. It appears to pull the cache (if it exists), but fails to export it.

I'm not sure if this is a Dagger issue or buildkit issue, but I've noticed a context canceled error cropping up when the cache is being exported. It seems odds that it's receiving a co...

I don't think this is fully supported, this is was also mentioned by @nipuna-perera recently

cc @sipsma

I don't think this is fully supported, this is was also mentioned by @nipuna-perera recently

cc @sipsma

Hey Sam, I have not run into this but this is interesting if possible. I also didn't know it was.

This seems like a similar error to what is mentioned in Discord here: #1243602114563932270 message

What happened? What did you expect to happen?

Does anybody have any examples of a monorepo? For example, I'm trying to learn how to:

• Creating the buildEnv at the top level and leveraging this for all apps
• Caching of node_modules in each projects (some node tooling we use forces us to use individual node_modules at the moment)
• Supporting 2 source folders (apps/ and packages/ -- both of which are used)

@vikram-dagger This is an issue to keep in mind for the documentation that you are working on. @TomChv can sync with you on the best practices.

I'm removing the sdk/typescript label since it's not a specific TS issue and we should write guidelines for every SDKs :)

What is the issue?

My function failed when I tried to add decorators on it. I can find workaround but not sure if it should add to docs.

Dagger version

dagger v0.13.3 (registry.dagger.io/engine:v0.13.3) darwin/arm64

Steps to reproduce

get following error when run dagger call load-context (module name is test)

def timer(func):
    """Print the runtime of the decorated function"""
    # @functools.wraps(func)
    async def wrapper_timer(*args, **kwar...

if uncomment # @functools.wraps(func), the decorator is working. it seems dagger decorator depends on the meta data of original function?

At first glance, you should have @function closer to your function, like this:

@timer
@function
async def load_context(self) -> str:
    ...

The reason is that @function needs to correctly introspect the function, and your wrapper may hide the necessary information because it has a different signature. Notice that with Dagger you need to be careful about types because we need to report those to the API beforehand, not just be able to execute. Even during execution we ...

Thanks @helderco ,
move @function close to function did not help. Here's error,

Error: input: module.withSource.initialize resolve: failed to initialize module: failed to call module "test" to get functions: call constructor: process "/runtime" did not complete successfully: exit code: 1

Stderr:
╭─ Error ──────────────────────────────────────────────────────────────────────╮
│ Function “Test.load_context” seems to be decorated in a class that is not    │
│ itself decorated with...

What is the issue?

I pass in a remote container and the CLI reports that it loads successfully (as indicated by checkmark) but doesn't perform any operations as defined in my dagger function.

dagger should at least report that the container failed to loed

Dagger version

dagger v0.13.5 (registry.dagger.io/engine:v0.13.5) linux/amd64

Steps to reproduce

I have a function that is just this:

func (m *InkyBuild) PythonSetup(ctx context.Context,
     ...

We should find a way to consolidate the API between WithHostname and WithServiceBinding as they currently don't play along very well together in a multi-module setup.

Repro:

Module A:

// Returns a container that echoes whatever string argument is provided
func (m *Lala) Test(ctx context.Context) *dagger.Container {

    svc := dag.Container().From("nginx").
        WithExposedPort(80).AsService().WithHostname("web")

    svc.Start(ctx)

    return dag.B().Run(svc)...

The catch is that we can only set a single Hostname with Buildkit for a service, so when WithHostname is used we set the configured one instead of the content-addressed one. That breaks in this case, since only one of the modules will have actually started it, and it'll only have that module's ID in the hostname.

Effectively, only one module can use a WithHostnamed service at a time within a session. You would have the same problem if you tried to reach the configured hostname within...

What is the issue?

I was running some functions repeatedly with dagger -s to get less verbose output to my terminal. I wanted concise output to share with colleagues as a repro. My dagger -s call commands were working fine until I added terminal to the end of a call that returned a Container type. I expected it to work as normal, but dagger threw an error.

An example:

Error: response from query: input: container.from.terminal resolve: failed to forward exit code: failed ...

This does appear to be intentional: https://github.com/dagger/dagger/blob/701be1ccab448437e0f03b1c1461c4b1456a0051/cmd/dagger/terminal.go#L18-L20

There should be a better error message presented here (instead of nothing), but I don't think it is intended to work.

Just ran into this myself. This would be really helpful until #10401 gets implemented for a few of my workflows that take a lot of different input params. Specifically the passing of secrets that I cannot do without passing each as a param.

As a workaround you can just grab the latest layer and run it directly docker run -it --rm <layer> /bin/bash

What is the issue?

Hi Team,

I am running into an issue when trying to understand the current behavior of CacheVolume. I have the following simple module:

import (
	"context"
	"dagger/foo/internal/dagger"
	"fmt"
)

type Foo struct{}

func (f *Foo) TestCacheVolumePersistence(ctx context.Context, input string) (string, error) {
	_, err := f.PopulateCache(ctx, input)
	if err != nil {
		return "", err
	}

	output, err := f.ListCache(ctx)
	if err != nil ...

not sure if this is related, but in same module (cloned from provided repo), I noticed if I try to create a file using "WithNewFile" inside the mounted cached directory, it errors out: /foo-cache/: cannot retrieve path from cache. (I am suspecting its looking for /foo-cache in the cache itself, while I am expecting /foo-cache to be the mounted dir)

dagger call with-new-file               
✔ connect 0.2s
✔ initialize 0.3s
✔ prepare 0.0s
✔ foo: Foo! 0.0s
✘ Foo.withNewFile: Cont...

What is the issue?

I see the error:

time="2024-10-04T08:35:43Z" level=warning msg="failed to rehash ca-certificates: ERROR: Access denied '/usr/local/share/ca-certificates'\n" error="exit status 2"

When I mount a configmap containing some-ca.crt into the folder.
It does not crash the dagger-engine, which starts up afterwards.

While it does not work following container restart, if I exec update-ca-certificates in a pod the CA certificate is applied and works as expected....

What is the issue?

Hi,

I've been evaluating Dagger and I found performance to be abysmal and TUI exposing buggy and erratic behavior, e.g. (runtimes on M2 Max machine).

Context

• dagger functions took 20-25s (after aggressive exclude and filtering in module) to finish
• both TUI and --progress=plain tended to hang indefinitely
• TUI often showed weird traces, omitted results or heavily delayed result output
• simple test flow took 6 minutes and didn't finish where r...

I'm confused - is the OTEL_ configuration invalid, i.e. pointing to an unreachable service? The dagger CLI very much intentionally respects OTEL_ env vars and expects them to be a functional configuration. We use it all the time for troubleshooting deeper engine behavior.

OTEL_ configuration invalid, i.e. pointing to an unreachable service?

Using above definition yes, it's invalid for Dagger.

ENV variables are targetting developed application that has a network configuration allowing it to reach OTEL, Dagger Engine isn't configured to do so.

As mentioned above, for me the main issue is lack of information when running functions that Dagger not being able to reach OTEL_ configured hosts will impact on its performance.

What is the issue?

This is related to the following issue, which makes some clarifications on the different mechanisms for filtering a Directory uploaded from the host to the engine:

• https://github.com/dagger/dagger/issues/8542

However, even if it’s clear which is which in a trace, we can help users know how to debug if they’re actually filtered as expected.

See the following comment, which provides source material for this:

• https://github.com/dagger/dagger/issues/7043#issu...

What is the issue?

Question from user in [Discord](#python message) about how to manage multiple virtual environments in PyCharm, and realized we can help with more clear instructions here:

Try this, have PyCharm opened in your existing project, and File > Open the Dagger module’s directory. You should see a dialog with the option to attach to the opened project. Just select that and, assuming you alread...

Attaching a project to an existing primary project might still require to set the interpreter accordingly to use the venv from inside the dagger directory instead of the primary project's one.

<img width="1595" alt="image" src="https://github.com/user-attachments/assets/7d65325b-aaf1-45c1-b589-d5d5a49614c5">

I know how workspaces work, the Python SDK uses it: 🙂

https://github.com/dagger/dagger/blob/d12a6f38adc24049287d50bf5d40ee85fd2d9666/sdk/python/pyproject.toml#L69-L70

Setting up the workspace won't be something that Dagger will manage for you. I'm just talking about documenting how this can be done for those interested in this solution, but it's up to the user to set it up.

Honestly, once you work out where in the docs this should go, and the kind of things we should cover, we should also have similar docs for go and typescript.

I did some tests with uv workspaces a week ago (outside of the dagger context) to figure out how they are supposed to be used. While dependencies are specified on the nested projects seem isolated, they are all installed in a single venv and thus must not have conflicting requirements with the other workspace packages. This could be problematic looking at what libraries are used for a minimal Dagger setup. And even if there are no conflicting requirements, I think it's still better to not pol...

I have a decent environment setup using vscode. If anyone is interested, I can demo. It's set up using nx monorepo and a view vscode plugins. I could do a video on this if anyone is interested.

I have a decent environment setup using vscode. If anyone is interested, I can demo. It's set up using nx monorepo and a view vscode plugins. I could do a video on this if anyone is interested.

This is definitely interesting, is there something different in your setup than what we explain there: https://docs.dagger.io/manuals/developer/ide-integration ?

I'm new to dagger but ain't new to uv workspaces.

I currently have a monorepo with uv workspaces set up.

I'm kinda struggling to create dagger projects in this setup:

• I'd like to have these projects as workspaces members. This means they won't get their own uv.lock files (all members share a single .venv a uv.lock file in the repo root). it's unclear how to override the default containerized dagger env build by using the repo root uv.lock file.
• It's unclear why is `d...

What happened? What did you expect to happen?

So, at a high level, I have the following folders:

├── .yarn
│   └── berry
├── node_modules
│   └── .store
├── apps
│   ├── skills
│   │   └── node_modules
│   ├── stocks
│   │   ├── stocks-api
│   │   │   └── node_modules
│   │   └── stocks-ui
│   │       └── node_modules
│   └── landing
│       └── node_modules
├── packages
│   ├── pinnacle-layer
│   │   └── node_modules
│   ├── typescript-config
│   │   └── node_m...

What is the issue?

This change in my trivy module cuases the following error:

invoke: returned error 422 Unprocessable Entity: {"errors":[{"message":"Expected Name, found \u003cInvalid\u003e","locations":[{"line":1,"column":1677}],"extensions":{"code":"GRAPHQL_PARSE_FAILED"}}],"data":null}

Dagger version

dagger v0.13.1 (registry.dagger.io/engine:v0.13.1) darwin/arm64

Steps to reproduce

See the above PR.

##...

As mentioned in https://github.com/sagikazarmark/daggerverse/pull/177#discussion_r1771215596, this is caused by passing an invalid enum value directly to graphql.

This isn't correct, but we should make the error message clearer. Ideally, we should perform some sdk-side validation to ensure that the enum value is actually valid before attempting to marshal it into the query.

I think this is just a go issue, since other languages have stronger enum types that don't suffer from this partic...

I have a similar error

returned error 422: {"data":null,"errors":[{"message":"Expected Name, found :","locations":[{"line":1,"column":104}],"extensions":{"code":"GRAPHQL_PARSE_FAILED"}}]}
exit status 1

I have no idea what bad data I'm passing to the Go SDK. At least getting at the actual query text could help my narrow things down. A better error message would be appreciated greatly

I narrowed my issue down to

NetworkProtocolTcp NetworkProtocol = "TCP"

where I have...

What is the issue?

For a windows user running the installation against a version incompatible with the latest language features (looking at you... the user who holds onto Windows Powershell 5.1 until their last breath and still tries to use ISE 🤣).... PowerShell has language feature to put required version so the error message is more useful in the installation script.

~[#Requires](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_requires?v...

What is the issue?

Hi

From this: https://docs.dagger.io/manuals/user/chaining

Running this func:
dagger -m github.com/kpenfound/dagger-modules/golang@v0.2.0 call build --source=https://github.com/dagger/dagger --args=./cmd/dagger entries

Error: response from query: input: golang.build resolve: call function "Build": process "/runtime" did not complete successfully: exit code: 2

Stdout:
marshal: json: error calling MarshalJSON for type *dagger.Directory: input: contai...

Ah, this is an issue that @kpenfound's module uses an old version of go (while github.com/dagger/dagger pretty much tracks go releases).

@dagger/docs could we update this module to use a more modern version of go?

The chaining example doesn't currently work.

What is the issue?

Hi

I'm getting this error during test

Error: ../../../go/pkg/mod/dagger.io/dagger@v0.13.0/telemetry/exporters.go:92:23: cannot use log (variable of type "go.opentelemetry.io/otel/sdk/log".Record) as *"go.opentelemetry.io/otel/sdk/log".Record value in argument to e.OnEmit

Dagger version

dagger v0.13.0

Steps to reproduce

No response

Log output

No response

I am seeing the same error after upgrading my go dagger module to 0.13.0

cc @vito

I think this happens because we pin the OTEL logging, but sometimes the base OTEL stack can upgraded (e.g. if using a parent go.mod, or dependabot decides to do it, etc) because we don't pin it.

Should we just pin all of OTEL for modules? Sucks, but given how unstable the upstream APIs are, I'm wondering if we should, as suggested here: https://github.com/dagger/dagger/pull/8234#discussion_r1732585400

@jedevc We already pin this dependency for modules, but the issue still remains for non-module use cases, which seems to be the situation here considering the error path (../../../go/pkg/mod/dagger.io/dagger@v0.13.0/telemetry/exporters.go).

For anyone hitting this with non-modules, you could copy-paste these replace rules - ugly solution, but it would prevent the dependency from drifting forward into brokenness.

https://github.com/dagger/dagger/blob/06839862e3437c2f16d95c3621e0d7b1f...

This is an issue we can easily encounter on the main branch of https://github.com/dagger/dagger.

Create a worktree:

$ git worktree add 
$ cd 

Try and get some git metadata:

$ dagger call -m version git head
...
fatal: not a git repository: /home/jedevc/Documents/work/dagger/dagger/.git/worktrees/

This occurs because we look for where .git exists - there's a git file created at .//.git - it's not a directory, and instead contains contents like: `gitd...

Got (almost) the same problem when trying to call Directory.asGit in a git submodule.

Similar to how we have a CHANGELOG.md which describes all of the changes, we should start writing a migration guide - when we release breaking changes, we should add entries to describe everything that users may want to know about upgrading.

This should include:

• For API facing changes, codeblock diffs, with examples for each SDK
• For SDK facing changes, codeblock diffs, with examples for the affected SDKs
• For CLI facing changes, a before-and-after

In the first version of thi...

Overview

When alpinelinux.org is down, building dagger fails. This may also affect other dagger modules that use alpine in the same way we do.

What I did

dagger call -m github.com/dagger/dagger dev

What I expected

A successful build of the latest dagger engine

What happened

Intermittently I get:

[...]
│ ✔ alpine(branch: "3.20.2", packages: ["build-base", "go", "git"]): Alpine! 0.2s
│ ∅ .container: Container! 0.2s
│ ! failed to get alpine...

Agreed, this is a little frustrating - however, this is the case for a whole variety of services:

• Dockerhub (for our use of official images)
• The go proxy, pythonhosted, npm (anything that our SDKs use)
• Github (or anywhere our modules are hosted)

There's a few things we can do to improve this generally, but having better caching is really the best first step. Avoiding making as many network requests as possible will be a huge help here.

After that, I think having a concept of "p...

You can’t create a module that conflicts with a core type:

❯ dagger init --sdk=go container
Initialized module container in container
❯ dagger functions -m container
Error: get module name: input: failed to get schema: failed to get schema for module "container": type "Container" is already defined by module "daggercore"

But a module doesn’t just create an object named after the module’s name, it also creates a constructor field under Query with the same name.

However, f...

Error: input: goreleaser failed to set call inputs: failed to load contextual arg "source": failed to load contextual directory "/": failed to get dir instance: failed to get blob descriptor: failed to solve blobsource: failed to load ref for blob snapshot: missing descriptor handlers for lazy blobs [sha256:391afdd16053cec967706502836ef1516804a1f0e7550d824c9b08b61eac13b9]

Currently in a broken state. @sipsma let me know what information will help to debug this

_EXPERIMENTAL_DAGGER_CACHE_CONFIG="type=s3,mode=max,use_path_style=true,prefix=*******/,access_key_id=*****,secret_access_key=*****,bucket=*****,region=us-east-1"

as a follow up of https://github.com/dagger/dagger/pull/8724#discussion_r1848219633, we want to possibly revisit later the key used for namespacing the cache volume.

originally the idea was to use module digest, but that would mean if change the module source, the new cache volume will be created, so as part of https://github.com/dagger/dagger/pull/8724 we are creating cache volume based on modName + modPath

This may bring up its own set of challenges, so keeping this issue to tra...

Is it possible to allow users to customize the namespace key? I.e., if we want to also always use git.repo and git.branch for namespacing.

Problem

Edit: check my last comment below: https://github.com/dagger/dagger/issues/8955. Seems like the original issue can't be reproduced anymore verbatim. However, there seems to be some other variations that still show a similar cache invalidation behavior.

I have the following pipeline:

func (m *Test) Test() *dagger.Container {
	return dag.Container().From("alpine").
		WithExec([]string{"sleep", "5"})
}

~~If I run that multiple times, I'll get a cached output as expec...