• Keep or Remove: Is this a duplicate? Is it implemented? Does it work?
• Documentation: Does the generated doc look okay?
  • Is the package documented? https://github.com/dagger/dagger/pull/564#issuecomment-855719428
  • Is every #Definition documented?
  • Is every input and output documented?
• Annotations: Are the inputs and outputs correctly annotated with @dagger(input) and @dagger(output)?
• Test: Is there a bare minimum of testing?
• Consistency:
  ...

Tentative plan (suggestion only -- need to confirm with "Quick Start" doc @samalba):

• Provision a S3 bucket on AWS using CloudFormation
• Upload files to the bucket using the same instructions as the "Quick Start" example

Assigning to @samalba to confirm the scenario, please re-assign to @grouville to lead the implementation

Provide basic commands to import/export encryption keys.

Goal: one line command to import the the encryption key used in the examples.

Alternative to the Kubernetes tutorial for application deployment.

Today we don't support Cloud Run, so the first step would be to implement gcp/cloudrun.

We already do support a couple of GCP services (GCR and GKE) and have a generic gcp.#GCloud abstraction to run the gcloud CLI with authentication and presets, hopefully adding support for Cloud Run is quick and painless.

• add todo app from https://github.com/mdn/todo-react
• implement Dockerfile

Bumps merge-deep from 3.0.2 to 3.0.3.

Commits

628ff47 3.0.3
cfbe20c run verb to generate README documentation
e370968 Merge pull request #17 from jonschlinkert/key-properties
393e2cb adding a test to ensure using merge-deep for inheritance still works
c39b161 add test to ensure constructor is not cloned
11e5dd5 add isValidKey function to ensure only valid keys are merged
See full diff in compare view

[![Dependabot compatibility score](http...

Bumps dns-packet from 1.3.1 to 1.3.4.

Commits

ebdf849 1.3.4
ac57872 move all allocUnsafes to allocs for easier maintenance
c64c950 1.3.3
0598ba1 fix .. in encodingLength
010aedb 1.3.2
0d0d593 backport encodingLength fix to v1
See full diff in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dns-packet&package-manager=npm_and_yarn&previous-version=1.3.1&new-versio...

Localstack test implementation.

As I didn't rebase frequently, I need to add the S3#Sync tonight, but currently stuck by the issues cited below.

I am encountering these 2 issues :

• A race condition (Through my tests/debugging, I realized that we cp / sync a file/ folder to AWS S3, then we query it right away with a recursive ls. However, it triggered an error (not very clear) that the file doesn't exist (fixed with a sleep, but if behavior is confirmed, will need to find a better fix...

This is a temporary workaround for issue #495 - right now yarn is barely usable because of exec duplication.

As soon as #495 is fixed, this can be reverted.

I don't think this is related to AWS, pretty sure this is global to usage of secrets.

I gave wrong secrets to awsConfig and I got the following error:

5:35PM INF s3bucket.url | computing
5:35PM ERR s3bucket.url | #13 3.188 fatal error: An error occurred (AuthorizationHeaderMalformed) when calling the ListObjectsV2 operation: The authorization header is malformed; the Credential is mal-formed; expecting "/YYYYMMDD/REGION/SERVICE/aws4_request".

I then tried to fix the keys a...

Implements todoapp deployment to s3 static website

Meta issue to capture docs website.

• Integrate new design
• Make the docs website responsive
• Misc issues (e.g. inlined code not very readable)

See #193 for previous attempt.

This has been causing massive headaches and some issues are still not fixed.

• Either things were running too many times (cache issue): #449 #495
• Or not enough ("random" generation bug that broke the CI for a few days)

There's a few causes, some of the most recent ones:

• always: true only guarantees the instructions to run ONCE for each dagger up.
  • things like generating a random number with always: true will yield the same random n...

Currently docker.#Run can run an image specified by ref, but cannot run an arbitrary artifact. This prevents composition, for example it’s not possible to build a container then directly running it on a remote host.

Temporarily disable cache mount #495

See https://github.com/dagger/dagger/pull/595/commits/ec6aee2b87d3f6f7109df7f632490d65be24c466 for reproduceable environment.

Updated the whole docs layout

Adding empty template for cloudformation guide

• Fix running from any directory
• Fix display format for test logs
• Move helpers to a common helper file
• Indentation
• Enable shellcheck for universe tests

• doc generation: refactor to allow multi-stage processing
• docs generation: write package doc as README.md if there are sub-packages

Signed-off-by: Tihomir Jovicic

In docs.dagger.io, the complete contents of the API reference (full package hierarchy) is unrolled in the navigation bar, which makes it very long and makes the overall structure hard to read.

Bumps ws from 5.2.2 to 5.2.3.

Release notes
Sourced from ws's releases.

5.2.3
Bug fixes

Backported 00c425ec to the 5.x release line (76d47c14).

Commits

6dd88e7 [dist] 5.2.3
76d47c1 [security] Fix ReDoS vulnerability
See full diff in compare view

[](https://d...

Instead of https://todoapp.microstaging.io, use https://todoapp.dagger.run. Similar to https://waypoint.run, it’s self-explanatory that it is part of the Dagger platform, yet distinct from dagger.io.

changed bucket name cc @shykes

We should document how to contribute to the Dagger project, with topics such as:

• How to find something useful to do
• Architecture of the codebase
• Contributing to the Dagger engine (go)
• Contributing to the Dagger universe (cue)
• When and how to use Github issues & discussions
• When and how to use Discord
• How to run the tests ; how to add tests
• Contirbuting to the docs
• FAQ: commands you will probably need, but are hard to remember

etc.

See https://github.com/dagger/dagger/pull/610 for examples. The following content must be completely migrated:

• ./tests/stdlib/ to ./universe/.dagger/env (requires creating valid dagger environments)
• ./tests/stdlib.bats to ./universe/universe.bats (requires adapting the tests)

First version of the user manual.

This is an umbrella issue for the problem of unclear error messages… Of which there are a lot.

Along with AWS and GCP support that we already have, it would be nice to have Azure support.

It would be a directory in stdlib similar to GCP and AWS one:

https://github.com/dagger/dagger/tree/main/stdlib/gcp
https://github.com/dagger/dagger/tree/main/stdlib/aws

Currently we just ignore the input if it's non existing.

We should at least log a warning to a user that the type of the input is not the same

Currently we write a test, create an environment (using dagger init and new) and copy the .cue test file to .dagger/plan/env. Often, when I'm updating the test I forget to update the same file in the .dagger/plan/env dir.

Maybe a practical solution is using soft links.

Self explanatory, happens on input.

• explain what exactly happens when running dagger up
• it isn't clear is up commands are ran sequentially or in parallel
• document useful commands like: dagger query, dagger input edit, dagger -l debug up --no-cache

cc @samalba

The Amazon S3 package should support (optionally) creating a bucket when it does not exist.

Signed-off-by: slumbering

Changes

Replace docker.#Client with docker.#Command definition

It's a simple wrapper that will expose an interface to run any docker or docker-compose commands

You can configure :

• ssh
• environments
• mount volumes
• command to execute
• package to install

Tests

• docker version with ssh
• docker version with ssh and key passphrase
• docker version with ass and wrong key passphrase

Changes

Replace docker.#Client with docker.#Command definition

It's a simple wrapper that will expose an interface to run any docker or docker-compose commands

You can configure :

• ssh
• environments
• mount volumes
• command to execute
• package to install

Tests

• docker version with ssh
• docker version with ssh and key passphrase
• docker version with ass and wrong key passphrase

Actually, we use the old version of dagger.#Secret in #DockerLogin

#DockerLogin: {
	do:       "docker-login"
	target:   string | *"https://index.docker.io/v1/"
	username: string
	// FIXME: should be a #Secret (circular import)
	secret: string | bytes
}

That's a real problem because we can't send secret. Tests are using dagger compute --input-yaml inputs.yaml but it gonna be deprecated.

Changes

• Resolve #552
• Update docker.#Push documentation
• Replace old tests with new one

Issues

op.#DockerLogin doesn't support new type dagger.#Secret, wrote an issue : #627.
I've use an hack to do tests with secret but we should fix this really fast

Bumps github.com/rs/zerolog from 1.22.0 to 1.23.0.

Commits

117cb53 Fix copying stack setting in logger's Output method (#325)
e05605c Use github.com/coreos/go-systemd/v22 (#322)
6ed1127 Fix panic on disabled event with CallerSkipFrame
47a03bc Add ability to customize internal json marshaler (#318)
ffbd37b Add Func log method (#321)
See full diff in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibili...

@samalba faced some linting issues because of a disparity in the markdown-cli binary version. The prior markdownlint-cli Github Action used is using an older version than the one installed by default.

This old version doesn't automatically consider headers ending with ? as a valid syntax. However, the last two versions do.

The new action is using markdown-cli version 0.26, so not the last one, but is updated regularly.

Proposal

Instead of each Dagger environment embedding a complete copy of a cue module (.dagger/env/FOO/plan/*.cue), add a new field cue to the environment configuration (.dagger/env/FOO/values.yaml):

• plan: module (optional) references the local path of the cue module to use as a plan, relative to the workspace root. Default: ..
• plan: package (optional) references the name of the Cue package within the module to use as a plan. Default: defer to cue loader (accept any ...

Signed-off-by: slumbering

@samalba @aluzzardi @shykes

Here is the first draft of the Infrastructure provisioning guide. I chose one of the possible angles : I chose to be very didactic. It may be missing some why ? I didn't find them 100% necessary, as most of it would already be explained in previous guides

Signed-off-by: Guillaume de Rouville

Fixing an English typo leading to some ugly AWS CLI help :

➜  plan dagger input list
Input                 Value                  Set by user  Description
...
cfnStack.timeout      *10 | >=0 & int        false        Timeout for waiting for the stack to be created/updated (in minutes) =0 & int        false        Maximum waiting time until stack creation/update (in minutes)

Signed-off-by: Guillaume de Rouville

Signed-off-by: slumbering

fixed CI

Signed-off-by: slumbering

Bumps sass from 1.34.1 to 1.35.0.

Release notes
Sourced from sass's releases.

Dart Sass 1.35.0
To install Sass 1.35.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes

Fix a couple bugs that could prevent some members from being found in certain files that use a mix of imports and the module system.

Fix incorrect recommendation for migrating division expressions that ref...

First pass at stdlib package doc strings for improved generated reference doc.

do not merge yet

This is 100% backward compatible at the moment.

dagger new still defaults to .dagger/env//plan (so no breaking changes).
Switching to the new UX is just a matter of defaulting the module to . instead. This requires updating the docs first.

• add support for --module and --package to dagger new
• editable through dagger edit (note: renamed from dagger input edit)
• backward compatible and lazy migration (e.g. running dagger up, dagger edit etc will add a plan secti...

Bumps filippo.io/age from 1.0.0-rc.2 to 1.0.0-rc.3.

Release notes
Sourced from filippo.io/age's releases.

Never two without three
Maybe™️ actually™️ the last v1.0.0 release candidate!
Encrypted identity files are now supported. Regular passphrase-encrypted age files can be used with -i, the passphrase will be requested interactively, and the decrypted file will be read line-by-line as a standard identity file.
Passphrases can now be requested interactiv...

Bumps github.com/spf13/viper from 1.7.1 to 1.8.0.

Release notes
Sourced from github.com/spf13/viper's releases.

v1.8.0
This is a maintenance release primarily containing fixes and improvements. The most prominent change is the etcd update to 3.5.0. Thanks to proper Go modules support, the dependency graph became much smaller.
## Changes
Added

Allow BindEnv to register multiple environment variables
Support for accessing slices
Experimental WASM support: Vi...

Bumps sass from 1.35.0 to 1.35.1.

Release notes
Sourced from sass's releases.

Dart Sass 1.35.1
To install Sass 1.35.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes

Fix a bug where the quiet dependency flag didn't silence warnings in some stylesheets loaded using @import.

See the full changelog for changes in earlier releases.

Changelog
Sourced from sass's changelog....

• Git package uniformization : as it was properly commented, mainly moving @output + removing \n.
• Add tests for git package

Signed-off-by: Guillaume de Rouville

Signed-off-by: Sam Alba

Signed-off-by: Sam Alba

In the API reference section of the docs, each individual package has an address (for example /reference/universe/alpine), but there is no address for the API reference as a whole.

• /reference returns 404
• /reference/universe returns 404

This makes it difficult for other docs pages to link to the APi reference, which would be very useful.

fixes #657

• @shykes I saw that you used bash in code blocs, but shell is being used everywhere. So I changed to shell in 102 doc
• I separated textual changes from unification, here it's only unification
• I'm doing like Andrea in 108: I work directly in .dagger, and set the title the same way as he does
• Fixing some linting issues hidden by .mdx format

Signed-off-by: Guillaume de Rouville

Signed-off-by: Sam Alba

Signed-off-by: Solomon Hykes

@shykes

• I implemented everything you asked : now everything lies in subdirectories, and development angle also changed
• I also directly modified the AWS guide (even though not complete yet), to follow these guidelines
• Also removed the harcoded "us-east-2"

Signed-off-by: Guillaume de Rouville

As seen with @aluzzardi, the doc uses the str type for kubeconfig input. It had been changed as a secret, however, GKE exports a string (cannot export secrets). A revert was necessary in order to run gke and eks packages

Signed-off-by: Guillaume de Rouville

Fix last bugs on Kubernetes's doc : fully tested for kind version

Signed-off-by: Guillaume de Rouville

To avoid duplicate and out-of-date content, remove the original examples directory in favor of the new tutorials and accompanying examples repository.

If we want to reuse content from the original examples, we can always fish it out of the git history.

cc @aluzzardi @shykes

Signed-off-by: slumbering

yarn runs all the time

Authorization scope needs to me less permissive.

issue reported by Discord user julieng

Signed-off-by: slumbering

Use env variables to enable/disable GIthub Oauth
Stop api call (when browser is refresh) when user is granted

always: true is no more mandatory in the example app.

For docs clarity, I replaced always: *true | bool with always: *true | false - which broke the if in the s3.cue.

This PR solves the issue.

Url

• https://docs.dagger.io/learn/102-dev

The link toward Dagger Universe is broken (404 page not found)

• docs: set env vars for deployment
• docs: netlify: disable auth for deploy preview, enable in production

Signed-off-by: Sam Alba

Changes

Move tests from stdlib to universe

Packages done :

• AWS : eks
• Docker : build
• Docker : build from dockerfile
• Docker : pull and push (done in #628)
• K8S : deployment
• K8S : Helm
• K8S : Kustomize
• Terraform

Fix

I've fix helm tests, kubernetes can't deploy a pod thas has a name longer than 53 characters.
Here's the issue

Add a #Input core type to wrap dagger(input) attribute.

Bumps @docusaurus/core from 2.0.0-beta.0 to 2.0.0-beta.1.

Release notes
Sourced from @​docusaurus/core's releases.

v2.0.0-beta.1
2.0.0-beta.1 (2021-06-18)
:rocket: New Feature

docusaurus-plugin-content-docs

#4982 feat(v2): add docs pagination_label frontmatter (@​slorber)

docusaurus-theme-classic

#4949 feat(v2): add icon to external navbar links (@​lex111)
#4939 feat(v2): theme default translations Bengali (@​Neilb...

Bumps @docusaurus/preset-classic from 2.0.0-beta.0 to 2.0.0-beta.1.

Release notes
Sourced from @​docusaurus/preset-classic's releases.

v2.0.0-beta.1
2.0.0-beta.1 (2021-06-18)
:rocket: New Feature

docusaurus-plugin-content-docs

#4982 feat(v2): add docs pagination_label frontmatter (@​slorber)

docusaurus-theme-classic

#4949 feat(v2): add icon to external navbar links (@​lex111)
#4939 feat(v2): theme de...

Changes

Resolve #593

• docker.#Run can now run the container from an artifact.
• Improve docker-run-ssh tests

Signed-off-by: slumbering

Signed-off-by: Sam Alba

This is a placeholder issue. @slumbering and @aluzzardi have encountered an issue with the netlify package, which prevents them from configuring Netlify via the netlify.toml file.

FIXME: insert more details on the issue here :)

• Add tests to dagger/examples
• A PR against dagger/examples should run the examples suite
• A PR against dagger/dagger should run the examples suite

Thanks to #648, plans can now reside in a different directory than .dagger/env/XX/plan.

• Move tests directly inside the package, e.g. universe/docker/test (note: in cue a sub-package is a specialization of the parent package)
• Change the universe environment to point to the new plan (e.g. using dagger edit, change the plan key)

Related to #611, will address #619

To complete #631: #648 introduced a --module and --package flag to dagger new.

By default, we use .dagger/env/XXX/plan as the cue module. Instead, we should default to ..

In preparation of moving universe out of the dagger binary (#285), an intermediary step would be to provide the future UX (e.g. dump universe inside cue.mod) while keeping universe vendored in the binary.

There's a few open questions:

• How do we keep track of versioning?
• How do we detect an outdated version? Do we prompt the user for updates?
• What are the commands to get/upgrade?

This is related to #540 and will allow to cue eval dagger configurations

Perhaps we should put it behind a CloudFront distribution

Feedback from @tiborvass

• Move to a "one step install"
• Consider using sudo in the install script itself (that's what homebrew does). e.g. curl | sh instead of curl | sudo sh
• Consider a shorter URL, e.g. dl.dagger.io/install
• Make sure the install script is viewable from the browser (I think the content type is not set so the browser downloads it right away)

Feedback from me: maybe we should just put a CloudFront in top of our bucket rather than using redirects (so it...

Right now only kind is fully functional -- the GKE/EKS examples do not use GCR/ECR.

Currently, only the S3 tutorial (101) uses examples/todoapp has its plan embedded (e.g. examples/todoapp/.dagger/env/s3/plan).

We should make this pattern consistent across all the tutorials.

AFAIK, the kubernetes tutorial is different. I'm not sure about the others.

Fixes #241

cc @aluzzardi

This prevent the call as specified in the tutorial to error out if
${HOME}/.config/dagger does not exist yet.

Signed-off-by: Kenfe-Mickael Laventure

Allows a unique page that indexes stdlib.

Fixes #681

This simplifies the os.#File API to make it less verbose and more intuitive. It’s a breaking change. Dependencies in stdlib have been fixed, but I may have missed some.

Complete refacto of the CF doc.

• For consistence, it follows at 99% Andrea's writing style. The process is the same. Learnings are similar, even more detailed
• dagger.#Input is now used
• Also fixes an output issue on the Cloudformation's relay: we didn't have the
• Grammarly has been used, for English consistency

100% working as of now!

In this example, the s3 secret can be easily decrypted.

If the secret must remain in the project I think the secret authorization must be limited.

Note: this issue resurrects a discussion started in a now-closed PR

Summary

There are several methods to manage Kubernetes configurations with Dagger. Currently, the Kubernetes tutorial focuses on one method: embedding a configuration in a string, in the cue config. This method has benefits in the context of a tutorial, but it has one major drawback: it is unfamiliar to Kubernetes users. We should modify the tut...

Summary

Maintainers must check each commit to make sure that the DCO statement (Signed-off-by: ) includes the real name of the contributor, and not a pseudonym.

Context

Dagger uses the Developer Certificate of Origin (DCO) process to make sure all contributors are legally allowed to contribute. Major projects like Linux and Docker use DCO to protect their contributors.

DCO is implemented by requiring that ...

Fixes #546

Signed-off-by: Sam Alba

I think the executable script used with curl isn't really deserving that project as there were many fuds back in the days when Docker was installable using the same mechanism.

Having, brew, binary and source method is by far enough IMHO

putting also the fact that this method (shell script) will definitely raise at some point, security concerns

there's no need to suggest moving the binary to /usr/local/bin as there are safer ways to make dagger binary available in the user path.

for example we can simply do either:
export PATH=$PATH:$HOME/bin
or
add into the .bashrc file :

    # testing if dagger binary is present and updating user PATH  
    if [ -f ${HOME}/bin/dagger ]; then
	export PATH=$PATH:$HOME/bin
    fi

users who would want to test out dagger doesn't necessarily have sudo privileges :(

it might be pretty obvious i got that , but the tutorial is for anyone who's willing to discover dagger.
So we shouldn't make assumption they already know it leverages docker (buildkit).

So I think it would be beneficial to add that having a running Docker engine locally before running the demo app is mandatory :)

Signed-off-by: jffarge

TL;DR

• Resolve #685
• Update doc generator to ignore tests dir

Changes

Move tests plan from .dagger/env/xxxx/plan to xxxx/tests.

E.g

$ ls -R universe/alpine
universe/alpine:
alpine.cue  tests

universe/alpine/tests:
alpine.cue

Bumps @docusaurus/preset-classic from 2.0.0-beta.0 to 2.0.0-beta.2.

Release notes
Sourced from @​docusaurus/preset-classic's releases.

v2.0.0-beta.2
:rocket: New Feature

docusaurus-plugin-content-docs, docusaurus-theme-classic

#5052 feat(v2): docs version banner configuration option (@​slorber)

docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-types, docusaurus

#5037 feat(v2)...

Bumps docusaurus-plugin-sass from 0.2.0 to 0.2.1.

Release notes
Sourced from docusaurus-plugin-sass's releases.

v0.2.1

Fix: dev css modules classnames should include filename #18

Commits

294e8a5 Update package.json
13c60af Merge pull request #18 from frilox042/fix-css-module-identName-dev
39a3301 Fix: dev css modules classnames should include filename
6efa53f Merge pull request #16 from rlamana/dependabot/npm_and_yarn/hosted-git-inf...

Bumps @docusaurus/core from 2.0.0-beta.0 to 2.0.0-beta.2.

Release notes
Sourced from @​docusaurus/core's releases.

v2.0.0-beta.2
:rocket: New Feature

docusaurus-plugin-content-docs, docusaurus-theme-classic

#5052 feat(v2): docs version banner configuration option (@​slorber)

docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-types, docusaurus

#5037 feat(v2): plugins injectHtmlTags + configur...

@TomChv realized that one of our Bats test didn't fail on a test with missing inputs :

# Inside universe dir
dagger up -e  docker-run-local >&- # <-- should fail and exit code should return 1, but not the case

The behavior:
If the stdout isn't linked to a terminal, we don't print missing inputs as errors but as warnings. As bats redirects the stdout, we fall under this behavior.

More precisely:

func checkInputs(ctx c...

This PR is the continuation of the doc: push image to remote repo + EKS/GKE afterward.

• It's still a WIP because I'm waiting for a PR to be merged, to avoid using low level components of Dagger
• It also fixes 2 minor issues on GKE/EKS packages (wrong @dagger.input location)
  Signed-off-by: Guillaume de Rouville

This updates to use the latest version of dagger.io/os (change in #File) API.

Problem

Actually, values.yaml has been encrypted with different keys but the user can only fetch one.

Here is the difference

$ ls
helloapp  LICENSE  Makefile  README.md  todoapp  voteapp
$ cat helloapp/.dagger/env/staging/values.yaml | grep "recipient"
        - recipient: age1ez5phfa2l6e9fqt4nnem734jajg4nlcefhv3ydeltzjlele47ags34868h
$ cat todoapp/.dagger/env/s3/values.yaml | grep "recipient" 
        - recipient: age1gunf55cd2v30j76w4arxgmzks48v2a56pdw0vtn2j2ax6q2yp3wq...

Dagger supports encrypting secrets out of the box. But it does not (yet) support controlling who can access which encrypted secret.

Our underlying crypto framework (AGE and SOPS) provides building blocks for very powerful collaboration workflows. Now we have to assemble these building blocks in a particular way, and provide an outstanding collaboration experience in Dagger :)

Dagger supports encrypting secrets out of the box. But it does not (yet) support controlling who can access which encrypted secret.

Our underlying crypto framework (AGE and SOPS) provides building blocks for very powerful collaboration workflows. Now we have to assemble these building blocks in a particular way, and provide an outstanding collaboration experience in Dagger :)

It would be neat if dagger could optionally launch a companion webapp to monitor and configure an environment. This companion webapp would not implement a specific feature, but rather provide a platform for delivering various features that are more appropriate for a web environment. This would allow the CLI to focus on what it does best, and relax the requirement to do absolutely everything in a POSIX terminal, which is very challenging.

In short: if dagger always has access to 2 modes...

Signed-off-by: jffarge

Signed-off-by: jffarge

Signed-off-by: jffarge

Problems

Actually, the documentation has some bug with universe packages.

Here's the list of current problem I've found :

• docker.#Run: concrete value are displayed, inputs from child packages are shown for nothing.
• ecr.#Credentials: inputs from aws.#Credential are displayed twice.
• [ecs](https://devel.docs.dag...

Bumps github.com/spf13/viper from 1.8.0 to 1.8.1.

Release notes
Sourced from github.com/spf13/viper's releases.

v1.8.1
This patch releases fixes two minor issues:

Replace %s with %w when wrapping errors
Fix pflag.StringArray processing

Commits

bd03865 Add a proper processing for pflag.StringArray
3fcad43 update %s to %w
See full diff in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_sc...

Changes

I found an issue when during tests execution : there was an orphan.
It's because #App doesn't give way to specify the compose project, by default it's the directory where you launch your app but in our definition, it will always be source.

The problem is that if we launch two differents docker-compose in the same server, his project name will be source for both and it will create orphans problems on cleanup (by docker-compose down).

This case is exactly what we do in test...

I tried both the link in README.md and the welcome email: Join the Dagger community on Discord

I saw that docker-compose support was recently added; i suggest to install the newer implementation based on go.
Considering that it is based on the "cli plug-in mechanism" we can add the ability to install external cli plug-ins as packages or wait for it to become part of the base docker cli installation.

When we run dagger doc dagger.io/netlify it throws an error
FTL system | cannot compile code: cannot find package "dagger.io/netlify" for any module.
I tried it with dagger doc alpha.dagger.io/netlify, it was working. Just need to update the doc.

Dagger use OpenTracing to export traces, OpenTelemetry is considered the new version of both OpenTracing and OpenCensus

Getting started
Migration guide
Example

What IMO is missing from https://docs.dagger.io/vs is a comparison with terraform.

This PR addresses #472 by marking unimplemented sub-commands as hidden.

Signed-off-by: Cornelius Toole

As explained by @aluzzardi , the seed field in the random package is not actually a pseudo-random generator seed. I re-read the comment and still don’t completely understand what it actually is…

I saw a downstream package do something like:

foo: random.#String & { seed: “some constant” }

This will probably cause reactions from people also confused by the term “seed”.

We should either:

A) Better document what seed is and why it makes to call it that, or
B) change ...

Relaying feedback by @amylindburg , thanks Amy!

If you want the user to simply be able to type in the proposed commands to be successful, then there are a few commands where --environment should be specified (because you end up creating several during the tutorial). But not a biggie.

dagger query point --environment="cloudformation"

Relaying feedback from @amylindburg, thank you Amy!

The Plan
"The plan is the deployment code, that includes the logic to deploy the local application to an AWS S3 bucket."

Remove the comma: "The plan is the deployment code that includes the logic to deploy the local application to an AWS S3 bucket."

The Inputs
"The plan can define one or several inputs in order to take some information from the user."

The phrase "take some information from the user" ...

Signed-off-by: jffarge

We are deprecating the original method of embedding cue configuration (“the plan”) inside each environment directory. The recommended method is to write Cue configuration in a regular cue module (for example at the root of the repository, or any sub-directory), then reference that configuration in the environment.

Our tutorials don’t use this method yet: we should change them so that they do.

Creating this as a placeholder, will add details later :) cc @samalba

Signed-off-by: jffarge

I removed the plan.module field of my environment in dagger edit. After that, all commands against that environment failed, including dagger edit. This made it impossible to revert my error, short of running git checkout -f — values.yaml. I tried editing the file manually but that caused sops errors.

• Calls netlify build to support netlify's native features (build plugins, netlify.toml, remote config, etc...)
• If there is nothign to do, netlify build won't do anything and can be run safely everytime without slowing down the deployment.

Fixes #696

Changes

It will now be possible to execute CI in parallel

• Fixes English mistakes in docs_101 (using Grammarly)
• Specify dagger -e everywhere dagger is being used

Fixes #740
Fixes #739 (even though Kubes part is handled in PR#720)

Signed-off-by: Guillaume de Rouville

Fixes #719
I've commented the docker.#Local tests because it has missing inputs (and it isn't implemented properly yet)

Signed-off-by: Guillaume de Rouville

Bumps prismjs from 1.23.0 to 1.24.0.

Release notes
Sourced from prismjs's releases.

v1.24.0
Release 1.24.0

Changelog
Sourced from prismjs's changelog.

1.24.0 (2021-06-27)
New components

CFScript (#2771) b0a6ec85
ChaiScript (#2706) 3f7d7453
COBOL (#2800) 7e5f78ff
Coq (#2803) 41e25d3c
CSV (#2794) f9b69528
DOT (Graphviz) (#2690) 1f91868e
False (#2802) 99a21dc5
ICU Message Format (#2745) bf4e7ba9
Idris (#2755) e9314415
Jexl (#2764) 7e51b99c
KuMir (КуМир)...

Maven support

• The idea is based on js/yarn
• Tested using a simple spring boot project
• Added a simple documentation page

Signed-off-by: Alvise

• Wording improvement on 102/103 (using Grammarly)
• Clarify some ambiguous sentences

Signed-off-by: Guillaume de Rouville

Bumps google.golang.org/grpc from 1.38.0 to 1.39.0.

Release notes
Sourced from google.golang.org/grpc's releases.

Release 1.39.0
Behavior Changes

csds: return empty response if xds client is not set (#4505)
metadata: convert keys to lowercase in FromContext() (#4416)

New Features

xds: add GetServiceInfo to GRPCServer (#4507)

Special Thanks: @​amenzhinsky

xds: add test-only injection of xds config to client and server (#4476)
server: allow PreparedMsg...

Signed-off-by: jffarge

Signed-off-by: jffarge

The interface and behavior is identical to S3.

Signed-off-by: Scott Lewis-Kelly

@solomon#4104, I know why @rawkode's push to netlify failed. It's not linked to his key, but because of the naming of his site, which had to be globally unique.

Netlify package currently doesn't print errors properly, which is very very confusing. This made me crazy yesterday while moving packages. This PR fixes it

Signed-off-by: Guillaume de Rouville

Changes

There is a bug in the CI, if a pod has a name longer than 53 chars, he can't run.

I've reduce the number of chars in chart name to avoid that bug.

Taking from the Discord chat , there are few questions as a first time users to Dagger and I think FAQ is a great place for that

• What are Dagger Use cases
• What is not the goal of Dagger
• Dager vs Terraform
• is Dagger a PAAS?
• How to integrate with other cloud providers ?
• Dagger vs Other tools like Ketch, Epinio
• Is Dagger limited to Kubernetes ?
  And will keep on adding more relevant questions if there are tutorials then point links to them directly. or if an answer mig...

So after I was able to deploy to Civo Kubernetes (which is K3s based) There was s thought of integration and I am ver well onboard with this.

@TomChv Following #756 issue, same implementation as Andrea's one. Could you please review ?

Signed-off-by: Guillaume de Rouville

• What this feature does:
  Windows users should be able to use the dagger binary getting a similar experience to the one proposed for Linux in the docs.
• What has been changed: the feature implements a PowerShell script similar to install.sh logic. More specifically I've updated install.md and added install.ps1

I'm not sure if the URL releases.dagger.io is currently pointing at the content of GH repo or something else so the documented steps may need a review.

**...

Bumps @docusaurus/preset-classic from 2.0.0-beta.0 to 2.0.0-beta.3.

Release notes
Sourced from @​docusaurus/preset-classic's releases.

v2.0.0-beta.3
2.0.0-beta.3 (2021-06-30)
:rocket: New Feature

docusaurus-theme-classic

#5092 feat(v2): add icon to external footer links (@​lex111)

:bug: Bug Fix

docusaurus-theme-classic

#5080 fix(v2): classic theme - semantic correct anchors links (@​AuHau)
#5081 fi...

Bumps @docusaurus/core from 2.0.0-beta.2 to 2.0.0-beta.3.

Release notes
Sourced from @​docusaurus/core's releases.

v2.0.0-beta.3
2.0.0-beta.3 (2021-06-30)
:rocket: New Feature

docusaurus-theme-classic

#5092 feat(v2): add icon to external footer links (@​lex111)

:bug: Bug Fix

docusaurus-theme-classic

#5080 fix(v2): classic theme - semantic correct anchors links (@​AuHau)
#5081 fix(v2): restore previous scroll posi...

Dagger has a concept of “components” (sometimes also called “relays”, terminology is in flux) to describe the basic building block of a Dagger configuration. Each component corresponds to one tool or service in your delivery workflow, represented as a node in the DAG.

Today these “components” are abstract concepts.

• They are not present in the CLI
• They are not present in the Cue APIs
• They are implicitly present in the Dagger source code, but defined simply as “a cue value with a ...

In the past, a killer feature of Dagger (and its early prototypes) was the ability to create micro-staging environments on demand. For example, a CI script could create a separate environment for each pull request, on the fly, without tedious manual intervention. This highlights a natural strength of Dagger, and naturally complements traditional gitops tools and workflow, which are constrained by the static/manual nature of git-driven operations.

To summarize our current approach to on-dem...

https://discord.gg/Rmffpmc

link doe not work in readme, is it still active or valid ?

Fixes #699

Still need to update docs

Signed-off-by: Andrea Luzzardi

WIP: universe vendoring

Rather than injecting universe at runtime, this change will vendor
alpha.dagger.io in cue.mod directly.

Fixes #700
Depends on #772

❯❯❯ mkdir foo
❯❯❯ dagger new foo --module foo
❯❯❯ tree foo
foo
└── cue.mod
    ├── module.cue
    └── pkg
        └── alpha.dagger.io
            ├── alpine
            │   ├── alpine.cue

docker.#Push definition has a check to see if auth is set:

if auth != _|_ {
	op.#DockerLogin & {
		"target": target
		username: auth.username
		secret:   auth.secret
	}
},

However, auth is not optional, which makes this verification obsolete.

It seems to be a useful check: when rewriting the "local build and push of docker images" for the Kubernetes doc, without this PR, the secret and username values have to be set to "". It's very annoying

WARNING: `dock...

Following #772, I moved the plans out of cue.mod (due to a misunderstanding on 102/108. This time, shall be good.

Partially fixes #742. Kubernetes doc will directly enforce it, so no need to change now. Last blocking point on the closure of #742 will be Tiho's doc

Signed-off-by: Guillaume de Rouville

Signed-off-by: jffarge

Signed-off-by: jffarge

Signed-off-by: Alvise

Problems

There is actually a data race condition in the CI on docker.#Push test found in PR #628.

Check the data race below :

# 12:14PM INF TestPush.push.push | completed    duration=2s
# 12:14PM INF TestPush.push.ref | computing
# 12:14PM INF TestPush.push.digest | computing
# 12:14PM ERR TestPush.push.ref | failed: failed to solve: rpc error: code = Unknown desc = failed to authorize: failed to fetch oauth token: unexpected status: 401 Unauthorized    duration=2.1s
# 1...

Changes

Add yaml for new kubernetes tutorial.

:bulb: Depend on https://github.com/dagger/dagger/pull/720

https://github.com/dagger/dagger/blob/main/docs/learn/101-use.md#the-outputs

The outputs
The plan defines one or several outputs. They can show helpful information at the end of the deployment. That's how we read the deploy url at the end of the deployment. Here is the command to list all inputs:

inputs > outputs

Bumps github.com/spf13/cobra from 1.1.3 to 1.2.1.

Release notes
Sourced from github.com/spf13/cobra's releases.

v1.2.1
Bug fixes

Quickfix for spf13/cobra#1437 after v1.2.0 where parallel use of the cmd.RegisterFlagCompletionFunc() (and subsequent map) now works correctly and flag completions now work again

v1.2.0 - The completions release
:stars: v1.2.0 - The completions release
Welcome to v1.2.0 of Cobra! This release focuses on code completions, several...

Fixes #780

There are to many packages that still use the old @dagger(input) tag to specify an input.

We must migrate all inputs from this below

#Def: {
   input: string @dagger(input)

   optionalInput?: string @dagger(input)
}

to this

#Def: {
   input: string & dagger.#Input

   optionalInput: string & dagger.#Input | *null
}

According to @shykes, use null instead of ? looks better when you check the input's value.
Eg below

    if optionalInput...

TL;DR

• Add a new ssh package to interact with a remote host
• Add ssh.#Files definition to upload files to remote host
• Add volumes management in docker/compose.#Compose

Changes

It's now possible to uses volumes with #Compose.
Those volumes will be upload to the remote host. This way, the remote docker engine can use it when executing the docker-compose.yaml.

I've add another test to verify that behavior.

To handle volumes, I've also added a new package name...

Needed for internal infra for simplifying the release process (gh #702).

Bumps react-social-login-buttons from 3.4.0 to 3.5.0.

Commits

See full diff in compare view

[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibili...

Changes

Solve #397

Git package didn't have the keepGitDir option.

However, this option was directly leveraged in the tests using op.FetchGit.
Leveraging the keepGitDir option with the subdir command led to incompatible list lengths (1 and 2) issue.

To fix it, we could either add ... every time we would use op.#FetchGit

        #up: [
            op.#FetchGit & {
                keepGitDir: true
            },
           ... <-- like that
        ]

...

Fixes #376

Example:

❯ cat .dagger/env/playground/plan/main.cue
package playground

import (
	"alpha.dagger.io/dagger/op"
)

version: {
	string

	#up: [
		op.#FetchHTTP & {
			url: "https://releases.dagger.io/dagger/latest_version"
			checksum: "sha256:a309e76efa4550350a29cd41e6cbaf434ae94317bb6652297c79b691230e6abd"
			mode: 0o600
			uid: 1000
			gid: 1000
		},
		op.#Export & {
			source: "/latest_version"
		},
	]
} @dagger(output)

❯ dagger up
2:32...

https://github.com/accurics/terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

500+ Policies for security best practices
Scanning of Terraform (HCL2)
Scanning of Kubernetes (JSON/YAML), Helm v3, and Kustomize v3
Support for AWS, Azure, GCP, Kubernetes and GitHub

Idea to scan dagger application before deploying

we are planning to add cue support (https://github.com/accurics/terra...

Changes

According to @aluzzardi, generate a random tag isn't needed anymore so we remote that part of the 107 doc

Aim of PR:

• Automatic test suite for documentation
• Codeblocs are inlined from cue files

@slumbering, we added the remark-code-import plugin to Docusaurus. Is that ok with you ?
@TomChv, you can directly continue on my branch, let's split 107 to avoid conflict

Signed-off-by: Guillaume de Rouville

Changes

Kustomize has a bug when you replace a digest when both tag and digest.

Eg:

$ cat kustomization.yaml
resources: ["deployment.yaml", "service.yaml"]

images:
  - name: "public.ecr.aws/j7f8d3t2/todoapp@sha256:6224c86267a798e98de9bfe5f98eaa3f55a1adfcd6757acc59e593f2ccdb37f2"
    newName: "localhost:5000/kind:test-kind-azkestizysbx@sha256:cb8d92518b876a3fe15a23f7c071290dfbad5028...

Bumps color-string from 1.5.3 to 1.5.5.

Release notes
Sourced from color-string's releases.

1.5.5 (Patch/Security Release) - hwb() ReDos patch (low-severity)

Release notes copied verbatim from the commit message, which can be found here: 0789e21284c33d89ebc4ab4ca6f759b9375ac9d3

Discovered by Yeting Li, c/o Colin Ife via Snyk.io.
A ReDos (Regular Expression Denial of Service) vulnerability
was responsibly disclosed to me via email by Colin on
Mar 5 2...

Bumps url-parse from 1.4.7 to 1.5.1.

Commits

eb6d9f5 [dist] 1.5.1
750d8e8 [fix] Fixes relative path resolving #199 #200 (#201)
3ac7774 [test] Make test consistent for browser testing
267a0c6 [dist] 1.5.0
d1e7e88 [security] More backslash fixes (#197)
d99bf4c [ignore] Remove npm-debug.log from .gitignore
422c8b5 [pkg] Replace nyc with c8
933809d [pkg] Move coveralls to dev dependencies
190b216 [pkg] Add .npmrc
ce3783f [test] Do not test on all availa...

A Dagger workspace should be configured by one simple file, instead of a combination of special directories, yaml files and cue modules like today. This requires changing a design change in 3 parts:

1. System design: change the contents and lifecycle of workspaces and environments
2. CLI design: change dagger subcommands to reflect the change in system design
3. Developer experience: change how and when Dagger users are required to become full-blown Cue developers

The desired result...

This PR moves the plan outside of .dagger and fixes the out-of-date stdlib calls for voteapp and hello app.
Integration tests won't be here on this repo but on dagger's doc one.

@shykes, I didn't know where to put the files, so I moved the plan at the root of each example

Signed-off-by: Guillaume de Rouville

Fixes #711

Currently most core/ops tests are based off dagger compute. Instead, we should follow the same convention as universe:

• initialize a workspace in tests
• create one environment per test

/cc @TomChv @grouville

Overview

One exciting application of Cue is to generate custom user interfaces. In the context of Dagger, an environment could define a custom control panel, to:

• Prompt user for settings, secrets, and artifacts
• Present additional information and instructions
• Render useful outputs like URL of deployed application, red/green health status..

First prototype

We implemented this feature in an prototype prior to Dagger. Here are a few screenshots.

• The Cue configuration ...

Currently dagger up creates and starts 3 distinct buildkit sessions:

• One for input scanning
• One for environment.Up
• One for output scanning

This forces the copy of the workspace to buildkit 3 times (as well as CUE parsing, universe vendoring, and other heavy operations):

$ cd universe
$ dagger up -e go -l debug
6:17PM DBG [internal] source | #1 Local /Users/al/work/dagger/universe
[...]
6:17PM DBG [internal] source | #2 Local /Users/al/work/dagger/universe
[...]
6...

Bumps sass from 1.35.1 to 1.35.2.

Release notes
Sourced from sass's releases.

Dart Sass 1.35.2
To install Sass 1.35.2, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes

Potentially breaking bug fix: Properly throw an error for Unicode ranges that have too many ?s after hexadecimal digits, such as U+12345??.

Potentially breaking bug fix: Fixed a bug where certain local var...

Works, but backward compatibility issue atm because of differences with release versions

@samalba, it's github's automatic revert

Reverts dagger/examples#32

Reverts dagger/examples#33

This is a proposal for one particular solution to the problem of state persistence in Dagger.

Problem

Sometimes, a component in the DAG needs to remember what they did earlier - usually so that they can undo it. This feature is called “persistent state” or “state” for short. For example, a component which creates Amazon S3 buckets needs persistent state to remember which buckets they created, in case the user wants to destroy them later.

One obvious use of persistent state is the ...

When reviewing the netlify package, I generated a personal token which randomly started with --.

This led to the encounter of this parsing error:

$ dagger input secret site.netlify.account.token  "--lyYc_hJ*********************"  -e multibucket
failed to execute command: unknown flag: ---lyYc_hJPbP**

• The same happens with all inputs, Viper doesn't seem to parse them properly/doesn't seem to understand that an input is expected

For release, doc entirely checked + updated regarding last plan changes

Signed-off-by: Guillaume de Rouville

This is a WIP about supporting Azure in dagger.

the overall goal of this PR is to support push and delete into Azure Storage accounts.

Other PR incoming later once this one is merged around AKS and so on :)

any feedback highly appreciated
PS: I will to squash I know :)

Signed-off-by: Tihomir Jovicic

This is the initial commit for adding Azure Support as per our discussion here
With this PR the user must be able to:

1. Configure an azure account/subscription to which the deployment has to be done.
2. Create a resource group.
3. Create a storage account.

I don't have the test cases at this time but will be submitting them soon.

Signed-off-by: Solomon Hykes

Implemented inputs validation:

• Evaluate cue code before persisting inputs (fixes #287)
• Handle wrong input type (fixes #618)
• Handle setting input which does not exist (fixes #617)
• Added integration tests
• Small refacto for using only one buildkit client (fixes #798)

Problem

To access core Dagger features from Cue, I must find and import several different Cue packages across different import locations. It is not clear when I should use which import location, or why they are split the way they are.

This makes it harder to become a proficient Dagger developer.

Solution

• Simplify how core cue packages are organized: reduce the number of import locations if possible, make rules simpler if possible
• Clarify how core cue packages are organi...

Follow-up to PR #808

• Implements validation of dagger input edit - checks for invalid or wrong types

Follow-up to PR #808 - I broke the no-cache behavior unintentionally. This PR restores the behavior.

Maybe I am missing something, but right now what I see in Dagger is similar to Hashicorp waypoint:

• cli for developers to quickly deploy with minimal fuss
• platform agnostic
• automatic creation of URLs for environments (Saas) version
• opinionated syntax (hcl vs cue)

I think the docs should say what are the pros/cons compared to waypoint.

Another similar project is garden.io which is even more comprehensive as it also has test phases, holds the dependencies between services, ha...

The comparison with CI systems says that dagger can be be used from within CI. But there is no info on how to do that

Maybe a new "dagger ci" command is needed? Or we assume we use the up command?

Also see https://docs.tilt.dev/ci.html

Java developers will be confused as this project already exists

https://dagger.dev/

If this is already known, and accepted already, fine be me.

But since the project is now in early stages it is the perfect time to rename it.

Fixes https://github.com/dagger/dagger/issues/798

A typical problem when developing a new integration for Dagger, is differentiating private and public fields. Currently we use @dagger(input) and @dagger(output) to designate public fields. The remaining fields are considered private. Instead, it would be better to use the standard Cue notation for hidden fields: _foo.

Bumps golang from 1.16.5-alpine to 1.17beta1-alpine.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can al...