Bumps sass from 1.42.1 to 1.43.2.

Release notes
Sourced from sass's releases.

Dart Sass 1.43.2
To install Sass 1.43.2, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes

Improve the error message when the default namespace of a @use rule is not a valid identifier.

See the full changelog for changes in earlier releases.
Dart Sass 1.43.1
To install Sass 1.43.1, download one of...

Bumps golang.org/x/mod from 0.4.2 to 0.5.1.

Commits

49f84bc [release-branch.go1.17] modfile: in SetRequireSeparateIndirect, convert lines...
57376c6 [release-branch.go1.17] modfile: in SetRequireSeparateIndirect, arrange requi...
0f08993 modfile: add SetRequireSeparateIndirect
22458ad modfile: factor out methods for changing Require properties
9eb10b1 modfile: make marking for removal a method on Line instead of FileSyntax
6e4e729 modfile: clean up SetRequir...

Getting an error:

9:24PM ERR load.save | failed: ResourceExhausted: trying to send message larger than max (53984186 vs. 16777216)    duration=1.7s
   9:24PM FTL system | failed to up environment: task failed: ResourceExhausted: trying to send message larger than max (53984186 vs. 16777216)

Signed-off-by: Richard Jones

Bumps @docusaurus/core from 2.0.0-beta.6 to 2.0.0-beta.7.

Release notes
Sourced from @​docusaurus/core's releases.

2.0.0-beta.7 (2021-10-15)
:rocket: New Feature

docusaurus-module-type-aliases, docusaurus

#5683 feat: make Translate children optional (@​lex111)

docusaurus-theme-classic, docusaurus-theme-common

#5674 polish(theme-classic): guard against potential definition mistakes in Tabs (@​Josh-Cena)
#5618 feat: ...

Signed-off-by: jffarge

Signed-off-by: jffarge

Signed-off-by: Andrea Luzzardi

Fix mod unit tests

https://github.com/cue-lang/cue/issues/1078

Replaces PR #1017

Issue

To support the multi-architecture with Dagger and solve #106, it's necessary to improve the engine to handle other architecture than the remote one.

Here's a repro case to understand the problem

My computer supports amd64 so we got the following output :

package main

import (
	"alpha.dagger.io/dagger/op"
)

// Alpîne amd64
amd64: #up: [
	op.#FetchContainer & {
		ref: "docker.io/library/alpine:latest@sha256:69...

Bumps @docusaurus/core from 2.0.0-beta.6 to 2.0.0-beta.8.

Release notes
Sourced from @​docusaurus/core's releases.

2.0.0-beta.8 (2021-10-21)
:rocket: New Feature

docusaurus-plugin-content-blog

#5702 feat(content-blog): new readingTime plugin option (@​Josh-Cena)

docusaurus

#5740 feat(core): write-heading-ids options maintainCasing, overwrite (@​Josh-Cena)

docusaurus-plugin-content-docs

#5705 feat(content-docs): ...

Update dagger engine to use a given architecture instead of the default one.

Solve #1071

Signed-off-by: Tom Chauveau

Bumps sass from 1.42.1 to 1.43.3.

Release notes
Sourced from sass's releases.

Dart Sass 1.43.3
To install Sass 1.43.3, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes

Improve performance.

See the full changelog for changes in earlier releases.
Dart Sass 1.43.2
To install Sass 1.43.2, download one of the packages below and add it to your PATH, or see the Sass website for ful...

• Implemented proper logging in git transfer code
• Implemented version selection for mods install and updates (add version constraints to a package)
• Lock version of alpha.dagger.io to the latest 0.1.x version (will not break current dagger installs when upgrading stdlib to "> 0.1")
• Required unit tests

Remote universe vendoring is still disabled but enabling it will be one-liner. This PR does not impact the user.

Separate CUE scopes for executable (“what”) and invocation (“how”)

Context

This is a written follow-up to a live conversation with @talentedmrjones. In that conversation we agreed on the following:

1. Under the hood, dagger up involves two distinct components: the dagger client which compiles a CUE plan to LLB code and invokes its execution by builtkid; and the buildkitd daemon which actually executes the code.
2. The defining feature of Dagger (at least according t...

I noticed in the Dagger documentation it explains that input values need to be provided at runtime because the "package system could be a source of attacks."
https://docs.dagger.io/1003/get-started/#define-input-values-per-environment

Could I get a bit more detail on how/why the package system is an attack vector, perhaps with some examples? Is it, for instance, dangerous to have a specially designated 'secrets.cue' file that is evaluated along with the rest of the package at runtime, and...

Dagger currently supports a secure implementation for secrets but we are working on a new interface for all inputs. As for packages being an attack vector imagine if I write a series of components that claim to do something, and perhaps they actually do, but they also siphon arbitrary (potentially sensitive files) from your Dagger host and send them back to me without you realizing. I could write a component that connects to your local docker daemon and uses it to launch crypto mining sof...

Bumps cypress from 8.6.0 to 8.7.0.

Release notes
Sourced from cypress's releases.

8.7.0
Released 10/25/2021
Features:

There are changes to how "slow" tests are determined and displayed in Cypress.
Addresses #18496.

Added a slowTestThreshold
configuration option to customize when tests are considered "slow" during
cypress run. A test that runs slower than the given threshold will display
in orange text in the default 'spec' repor...

Bumps sass from 1.43.3 to 1.43.4.

Release notes
Sourced from sass's releases.

Dart Sass 1.43.4
To install Sass 1.43.4, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes
JS API

Fix a bug where the logger option was ignored for the render() function.

See the full changelog for changes in earlier releases.

Changelog
Sourced from sass's changelog.

1.43.4
JS API

Fix a bug whe...

In an effort to very clearly define and enforce a separation of concerns between code and data, between what is to be executed and how to execute I propose the following. In come cases a user may have predefined data that is always used for a particular plan and they want to include that in the same repo and track changes. In other cases different machines may pull the same data from different sources (env var vs remote stores, aws config vs aws-vault, etc). In other cases the data may be...

Overall this feels like the right direction just want to weigh in on some finer details such as Plan keys, their names and usage:

• arch glad to see this come back :) it makes sense here
• params remind me how is this used? how is it filled?
• source why?
• environment should be required. Partly for unambiguous log messages, partly for the relationship to state management, and because directory and file names aren't reliable sources for this value
• runtime is to be filled b...

Also, so we don't lose this particular point: we should force a package name for the project. It will make loading files simpler, make it clear to the user that their CUE files are meant to be used by Dagger, and allow them to colocate other packages. Either way we are forcing something on the user:

• If we allow arbitrary package names, we force them to put other packages in other directories
• If we allow colocation of non-Dagger packages (stax, grafana, etc) we either
  • force a pack...

General agreement on the value of picking a package name and sticking with it.

I've thought a lot about what kind of CUE package names to use for the foundational bits we're doing in Grafana, and there don't seem to be good answers right now. (Hence the [diversity](ht...

Bumps amplitude-js from 8.8.0 to 8.9.0.

Release notes
Sourced from amplitude-js's releases.

v8.9.0
8.9.0 (2021-10-28)
Features

eu dynamic configuration support (#439) (0618a90)

Changelog
Sourced from amplitude-js's changelog.

8.9.0 (2021-10-28)
Features

eu dynamic configuration support (#439) (0618a90)

Commits

57a47ca chore(release): 8.9.0 [skip ci]
0618a90 feat: eu dynamic configuration support (#439)
87e3a64 chore: switched ...

Bumps go.opentelemetry.io/otel/sdk from 1.0.1 to 1.1.0.

Release notes
Sourced from go.opentelemetry.io/otel/sdk's releases.

Release v1.1.0
Added

Add the "go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc".WithGRPCConn option so the exporter can reuse an existing gRPC connection. (#2002)
Add the go.opentelemetry.io/otel/semconv/v1.7.0 package.
The package contains semantic conventions from the v1.7.0 version of th...

Bumps go.opentelemetry.io/otel from 1.0.1 to 1.1.0.

Release notes
Sourced from go.opentelemetry.io/otel's releases.

Release v1.1.0
Added

Add the "go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc".WithGRPCConn option so the exporter can reuse an existing gRPC connection. (#2002)
Add the go.opentelemetry.io/otel/semconv/v1.7.0 package.
The package contains semantic conventions from the v1.7.0 version of the OpenTe...

Bumps go.opentelemetry.io/otel/trace from 1.0.1 to 1.1.0.

Release notes
Sourced from go.opentelemetry.io/otel/trace's releases.

Release v1.1.0
Added

Add the "go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc".WithGRPCConn option so the exporter can reuse an existing gRPC connection. (#2002)
Add the go.opentelemetry.io/otel/semconv/v1.7.0 package.
The package contains semantic conventions from the v1.7.0 version o...

Bumps go.opentelemetry.io/otel/exporters/jaeger from 1.0.1 to 1.1.0.

Release notes
Sourced from go.opentelemetry.io/otel/exporters/jaeger's releases.

Release v1.1.0
Added

Add the "go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc".WithGRPCConn option so the exporter can reuse an existing gRPC connection. (#2002)
Add the go.opentelemetry.io/otel/semconv/v1.7.0 package.
The package contains semantic conventions fro...

TL;DR

• Update checkVersion to also check universe.

Changes

In the future, universe will not be embedded anymore in dagger,
instead, it will be remotely vendor from dagger/universe repository.

To make sure that users always use the latest universe version, the
version checking now also verifies that universe is not outdated.
If universe needs an update, a message is printed to standard output.

Signed-off-by: Tom Chauveau

Since much of this thread has been incorporated into the proposal, I will:

1. Hide this thread for clarity
2. Open a new thread with outstanding questions and suggestions
3. Rebase outstanding questions and suggestions by @talentedmrjones and @sdboyer from this thread to the new one (mandatory package name, source directory, buildkit etc)

We are getting closer :)

Here is my list of outstanding questions and comments, and an example to wrap it all it up.

Outsdanding questions and comments

Convention for Cue package name

Dagger should define the following convention for use of the package clause in Cue files:

• All cue files in your Dagger project should define a package with the package clause
• The convention is to use main as the package name
• Expert Cue developers may break from this convention...

Environment field

By default, a plan is single-tenant: there is no need to think about environments since there is only one implicit environment.
A project may have many distinct plans, (dev, stage, prod, uat, pre-prod, etc) and even though they may share common config, it makes sense to require that they each be uniquely identified. The path and filename is not enough since they could change, multiple files could be involved, or they could be named in a way that does not directl...

Feeback

Buildkit host configuration

I am not strongly opposed to adding the buildkit configuration, but wondering if it really belongs there.

I think we shouldn't add buildkit configuration directly in plan's files. A plan defines a pipeline that will be processed by dagger engine working with buildkitd.
IMO if a user wants to add some configuration on buildkit, that should be done with the CLI or through a file external to the plan.

That has no sense to mix th...

@samalba can you weigh in on buildkit config? I recall you seemed to think it makes sense in the plan for various reasons.

My take is that if the setting is external, then 1) you add complexity in loading that separate config, and 2) its global meaning that all plans use the same buildkit config, but that is not flexible. In cases where a user has multiple plans, say local and prod I can easily imagine wanting to config my local plan to use a Dagger-installed buildkit daemon on my lo...

Taking a step back. At this point there are various minor / cosmetic points to discuss (see my other comment for a non-exhaustive list). But there is a more pressing issue we should address first: what does a complete working plan look like? In particular when developing an action, say “deploy to netlify”, what does the package code look like, and how does it change the DX compared to today?

I would prefer that we prioritize getting a clear answer on the DX, rather than debating minor poin...

Bumps cypress-localstorage-commands from 1.5.0 to 1.6.0.

Release notes
Sourced from cypress-localstorage-commands's releases.

Support NodeJS v17
Changed

chore(deps): Update devDependencies
chore(deps): Support any NodeJs version greater than 10.x

Changelog
Sourced from cypress-localstorage-commands's changelog.

[1.6.0] - 2021-11-01
Changed

chore(deps): Update devDependencies
chore(deps): Support any NodeJs version greater...

1. you add complexity in loading that separate config

I'm not sure is that complex, it's just an optional file like you can have a .prettierc for javascript or .XXXX for any framework that requires a config file.

We will win in clarity and that embrace the Single Responsibility Principle.

2. its global meaning that all plans use the same buildkit config, but that is not flexible. In cases where a user has multiple plans, say local and prod I can easily imagine wanting to conf...

Follow-up of merging https://github.com/dagger/dagger/pull/1074

On the todoapp example, it gives me this error on push.

Not sure the root cause since the docker.#Push hasn't change, it seems that the default arch is no more set on the pushed image.

Placeholder issue to track the implementation of the proposal #1058

Addresses the following issues:

• [ ] #783
• [ ] #966
• [ ] #793
• [ ] #970

Signed-off-by: Tom Chauveau

This aims to simplify the getting started and the overall use of local containers.

Bumps amplitude-js from 8.8.0 to 8.9.1.

Release notes
Sourced from amplitude-js's releases.

v8.9.1
8.9.1 (2021-11-02)
Bug Fixes

allow amplitude to be imported/required during SSR (#436) (ff7d8ef)

v8.9.0
8.9.0 (2021-10-28)
Features

eu dynamic configuration support (#439) (0618a90)

Changelog
Sourced from amplitude-js's changelog.

8.9.1 (2021-11-02)
Bug Fixes

allow amplitude to be imported/required during SSR (#436) (ff7d8ef)

8.9.0...

Bumps google.golang.org/grpc from 1.41.0 to 1.42.0.

Release notes
Sourced from google.golang.org/grpc's releases.

Release 1.42.0
Behavior Changes

grpc: Dial("unix://relative-path") no longer works (#4817)

use "unix://absolute-path" or "unix:relative-path" instead in accordance with our documentation

xds/csds: use new field GenericXdsConfig instead of PerXdsConfig (#4898)

New Features

grpc: support grpc.WithAuthority when...

Bumps @docusaurus/core from 2.0.0-beta.6 to 2.0.0-beta.9.

Release notes
Sourced from @​docusaurus/core's releases.

2.0.0-beta.9 (2021-11-02)
:rocket: New Feature

docusaurus-theme-classic, docusaurus-theme-common

#5770 feat(theme-classic): allow specifying width/height in logo (@​cerkiewny)

docusaurus-types, docusaurus

#5841 feat: allow user to specify deploymentBranch property in docusaurus.config.js (@​wpyoga)

d...

follow up of PR #1090

Intro

In its current state, this is more of a brain dump with a straw man proposal rather than a full fledged proposal. Just enough to get some ideas bouncing.

Background

Currently, the concept of computation (e.g. a set of compute operations) and data (e.g. the resulting filesystem from the computation) are mixed together as a single concept, dagger.#Artifact with an open definition:

// An artifact such as source code checkout, container image, binary arch...

Signed-off-by: jffarge

Bumps github.com/containerd/containerd from 1.5.4 to 1.5.7.

Release notes
Sourced from github.com/containerd/containerd's releases.

containerd 1.5.7
Welcome to the v1.5.7 release of containerd!
The seventh patch release for containerd 1.5 is a security release to fix CVE-2021-41103.
Notable Updates

Fix insufficiently restricted permissions on container root and plugin directories GHSA-c2h3-6mxw-7mvq

See the changelog for complete list of changes...

Overall I like it, it's more explicit (for instance: referencing the .fs key instead of the bare component key).

However we should be careful with root definitions:

For example, instead of:

#Directory: {
	@dagger(directory)
	id: string
}

I would do:

#Directory: {
	@dagger(directory)
	directoryID: string
}

Without it, #Secret and #Directory are likely to have the same definition keys and it won't be possible to use indections such as `myKey: #S...

Given dagger.#Pipeline is now closed, do we still need #up to be a def? I guess not, we could simply rename it to up.

(Maybe it allows to differentiate 2 pipelines in cue by their list of Ops. Example: myKey: yarn.#Pipeline | node.#Pipeline. If #up is a def, it cannot be taken into account in an indirection.)

@samalba can you weigh in on buildkit config? I recall you seemed to think it makes sense in the plan for various reasons.

Sorry for the delay, I was digesting the whole thread. Thinking about the buildkit config in the plan or not. Overall we only need info that we can act upon (i.e. Architectures supported and OS are useful and needed in the plan). The buildkit host needs to be configurable by the Ops (who setup the CI infra), but not necessarily the developer of a Plan (note that it c...

PR #934 broke remote packages. This is a one-liner that fixes it. We'll need to add more tests to spot those issues.

I added a new point: 8. Hidden fields API.

Intro

With #1087, it's now possible to config one architecture when you run a pipeline.
The aim is to improve that to :

• Add another layer of configuration that targets one pipeline and not the whole plan.
• Specify architecture directly in cue
• Manage multiple architectures in a single plan.

This way, we will be able to :

• Build & push multi-architecture images and then resolve dubo-dubon-duponey/docker-images#11
• Create multi-arch CI/CD for multi-platform applicatio...

That looks smooth, the more we type our cue and pipeline, the more it's safe and easy to use.

There are a couple alternative DX here:

• Merging
• Wrapping (disclaimer: my favorite so far)
• Embedding (is it possible?)

I think wrapping or embedding is the best solution, it feels more natural and we can understand what happens in a single reading.

Given dagger.#Pipeline is now closed, do we still need #up to be a def? I guess not, we could simply rename it to up....

Changes

@samalba told me that using arch was a language abuse because we currently handle platform (OS/arch).

• Changed arch into platform because it's more accurate.

Signed-off-by: Tom Chauveau

Bumps golang from 1.16.9-alpine to 1.16.10-alpine.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also t...

This is a draft of possible stdlib, as discussed today. Not meant to merge as is!

Fixes #823

cc @xinity @SonnyAD @grouville

@shykes as far as I'm aware things should be working with hidden fields. e.g.

go mod tidy
go run main.go
cmp stdout stdout.golden

-- cue.mod/module.cue --
module: "mod.com"
-- go.mod --
module mod.com

go 1.16

require cuelang.org/go v0.4.0
-- main.go --
package main

import (
	"fmt"

	"cuelang.org/go/cue"
	"cuelang.org/go/cue/cuecontext"
	"cuelang.org/go/cue/load"
)

func main() {
	ctx := cuecontext.New()
	bps := load.Instances([]string{"."}, nil)
	v := ctx...

I didn’t realize that cue.Hid already existed! That looks like it will solve our issue. We’ll confirm asap. Thanks!

cc @aluzzardi @samalba

Regarding a live conversation with @shykes @samalba @aluzzardi and @jlongtine as it relates specifically to context: env, context: settings, as well as context in general.

@shykes raised a good point that context: env: is inherently opinionated in that it assumes that values even come from environment variables to begin with and proposed an alternative with context: settings: (or context: params:) with the values being filled by command line flags. While this technically works ...

In the documentation the specified path for the source.cue indicates
it under the cue.mod folder, meanwhile everything is set up outside of
it. Puting the source.cue file in its specified folder resulted in the
example not working, meanwhile puting it in the gcpcloudrun folder
directly resulted in the example perfectly working

Signed-off-by: Benjamin Reigner

It appears that when I connect to my private registry for a build, I get an unauthorized response unless the target includes a repo (even if it doesn't exist).

package main

import (
    "alpha.dagger.io/dagger"
    "alpha.dagger.io/dagger/op"
)

#Auth: {
    target: dagger.#Input & {string}
    username: dagger.#Input & {string}
    secret: dagger.#Input & {dagger.#Secret | string}
}

// Add `auths` to `docker.#Build`
#Build: {
    source: dagger.#Input & {dagger.#A...

How would an invocation script (say github actions) pass contextual information to the plan? Are we back to requiring that scripts generate cue files at runtime?

Signed-off-by: jffarge

When trying to implement the #graphQL package with @slumbering, and using the docker.#Run package with a local registry, we encountered dependency issues related to the fact that docker.#Run cannot expose an URL on which a dependency could be created:

// run our local registry
registry: docker.#Run & {
    ref:  "registry:2"
    name: "registry-local"
    ports: ["5042:5000"]
    socket: dockerSocket
    url: "localhost:5042/graphql"
}

push: docker.#Push & {
    target:...

A checklist of things we should consider as we progress towards #1058 & #1095 ([as discussed on Discord here](#dev message))

cue performance, faulty dependency detection, broken cue type checking, broken buildkit caching, cue cycles

• [ ] CUE performance
• [ ] faulty dependency detection/Loss of dependencies in cue/flow?
• [ ] "Death by recursion" - @aluzzardi
  • [ ] Recursive CUE Definitions
  • [ ] Some...

Bumps github.com/moby/buildkit from 0.9.1 to 0.9.2.

Release notes
Sourced from github.com/moby/buildkit's releases.

v0.9.2
https://hub.docker.com/r/moby/buildkit
Notable changes

Fix handling authentication requests with multiple scopes #2431
Fix a possible deadlock when pushing items from one registry to another #2403
Fix issues with concurrent cache export requests #2410
Fix handling external blob deletions when reexporting cache with Github Actions bac...

Bumps github.com/rs/zerolog from 1.23.0 to 1.26.0.

Commits

6973188 Add support for dicts in array (#375)
78448ee New TestWriter for logging to testing.TB (#369)
197adb4 Bump golang.org/x/tools from 0.1.5 to 0.1.7 (#370)
07d347e Update zerologr url (#364)
6f8a5f9 Add Stringers support (#360)
9b9fc5c Update zerologr url (#359)
65adfd8 Make Fields method accept both map and slice (#352)
cdd7417 Allow arbitrary negative levels (#350)
fe93100 Make RemoteAddrHandl...

Currently, most examples work out of the box on Windows, unless the config requires access to the local docker socket (eg. "Getting started" from the docs).

We need to implement npipe support for Windows so the client can proxy \\.\pipe\docker_engine (host) to /var/run/docker.sock (WSL).

This last change should unblock all windows users with a decent support as soon as it's released.

Assigning to myself.

Fixes #1111

Fixes the race conditions on the CI by locking when vendoring universe.

Bumps remark-code-import from 0.3.0 to 0.4.0.

Commits

12ae711 0.4.0
e9d7928 Add removeRedundantIndentations
8ea2372 Add github actions
17b49c6 Add preserveTrailingNewline
165c5d5 Update testing guide
See full diff in compare view

[...

Signed-off-by: Andrea Luzzardi

In preparation of validating the improved Core Type System https://github.com/dagger/dagger/pull/1102, here's a recollection of problems we've had with the current runtime due to nesting.

What is nesting?

Nesting is the practice of passing data from a pipeline to another by referencing the pipeline itself.

For instance, an #Artifact (a compute pipeline, e.g. something with #up) can mount another #Artifact by passing a reference to it:

a: #up: [
  op.#FetchContai...

llb2 is a low-level API to assemble and run buildkit DAGs in Cue.

It aspires to replace the low-level API currently used by Dagger, which we refer to as “llb1”.

What is llb1?

Wewill refer to the current low-level API as “llb1” even though there is no actual package with that name. “llb1” is an implicit API which includes:

• Low-level operations defined in alpha.dagger.io/dagger/op
• Imperative DSL to assemble Dockerfile-like arrays as Cu...

This is multiple problems, very possibly related, found by @kzap while following the getting started tutorial.

Problem #1: no secret keys

For some reason, the keys.txt file was corrupted (missing the key information):

$ dagger new local -p ./plans/local
9:16PM FTL system | failed to create environment: failed to parse input: no secret keys found

$ cat ~/.config/dagger/keys.txt
# created: 2021-11-09T21:03:15-05:00

Problem #2: Panic on dagger init

...

Reverts dagger/dagger#1085

See #1118

Bumps github.com/docker/buildx from 0.6.2 to 0.7.0.

Release notes
Sourced from github.com/docker/buildx's releases.

v0.7.0-rc1
Welcome to the 0.7.0-rc1 release of buildx!
This is a pre-release of buildx
Please try out the release binaries and report any issues at
https://github.com/docker/buildx/issues.
Notable Changes

TLS certificates from BuildKit configuration are now transferred to build container in container and kubernetes drivers #787
Allow using ...

It took me a while to figure this out (no CI on Windows yet!).

This typo got introduced during the build split before the alpha.28 release...

Changes

Improve #1085 to fix topics 2 and 3 from #1118.

Thanks for adding Trivy, first of all!

When trivy reports vulnerabilities, there's a loop in the output that you can see in this video.

This does not happen with --log-format plain, and if the check passed.

I don't really think there is an issue with dagger, it could be my understanding of CUE.

I know the following example looks silly, but I'm trying to use the basis of this structure in a definition for a more complex scenario and this is where it's failing:

package main

import (
    "alpha.dagger.io/os"
)

one: os.#Container & {
    image: os.#Container  // `os.#DefaultImage` works
    command: "touch /one"
}

two: os.#Container & {
    image: one  // is this empty?
...

Bumps cypress-localstorage-commands from 1.6.0 to 1.6.1.

Release notes
Sourced from cypress-localstorage-commands's releases.

Support Cypress >=2.1.0
Changed

chore(#382): Use Cypress v9 in E2E tests
chore(#382): Support any Cypress version greater than 2.1.0
chore(deps): Update devDependencies

Changelog
Sourced from cypress-localstorage-commands's changelog.

[1.6.1] - 2021-11-11
Changed

chore(#382): Use Cypress v9 in E...

I'm not being able to run a local registry.

// dagger.cue
package main

import (
    "alpha.dagger.io/docker"
    "alpha.dagger.io/dagger"
)

dockerSocket: dagger.#Stream & dagger.#Input

registry: docker.#Run & {
    ref: "registry:2"
    name: "registry-local"
    ports: ["5042:5000"]
    socket: dockerSocket
}

$ dagger input socket dockerSocket /var/run/docker.sock
$ drupal dagger up

[✗] registry.run                                                    ...

Changes

Resolves #1099.

Todo

• [x] Improve op.#DockerBuild to correctly handle platform
• [x] Improve op.#FetchContainer to support fetch from selected platform
• [ ] Improve op.#PushContainer to push multi-platform images
• [ ] Update docker package to supports new features
• [ ] Write a working example to test it

Issues

I currently have an issue when using op.#Load on something built in a platform different than the one configured in values.yaml.

...

Bumps cypress from 8.7.0 to 9.0.0.

Release notes
Sourced from cypress's releases.

9.0.0
Released 11/10/2021
Breaking Changes:

The nodeVersion configuration option now defaults to system. The behavior
of the system option has changed to always use the Node.js binary/version
that launched Cypress. If Cypress was not launched via the terminal, Cypress
will use the bundled Node.js version. This could change the behavior of code
within your pluginsFile s...

Bumps go.opentelemetry.io/otel/trace from 1.1.0 to 1.2.0.

Changelog
Sourced from go.opentelemetry.io/otel/trace's changelog.

[1.2.0] - 2021-11-12
Changed

Metric SDK export.ExportKind, export.ExportKindSelector types have been renamed to aggregation.Temporality and aggregation.TemporalitySelector respectively to keep in line with current specification and protocol along with built-in selectors (e.g., aggregation.CumulativeTemporalitySele...

Bumps go.opentelemetry.io/otel/exporters/jaeger from 1.1.0 to 1.2.0.

Changelog
Sourced from go.opentelemetry.io/otel/exporters/jaeger's changelog.

[1.2.0] - 2021-11-12
Changed

Metric SDK export.ExportKind, export.ExportKindSelector types have been renamed to aggregation.Temporality and aggregation.TemporalitySelector respectively to keep in line with current specification and protocol along with built-in selectors (e.g., aggregation.Cum...

Bumps go.opentelemetry.io/otel from 1.1.0 to 1.2.0.

Changelog
Sourced from go.opentelemetry.io/otel's changelog.

[1.2.0] - 2021-11-12
Changed

Metric SDK export.ExportKind, export.ExportKindSelector types have been renamed to aggregation.Temporality and aggregation.TemporalitySelector respectively to keep in line with current specification and protocol along with built-in selectors (e.g., aggregation.CumulativeTemporalitySelector, ...). ...

Bumps go.opentelemetry.io/otel/sdk from 1.1.0 to 1.2.0.

Changelog
Sourced from go.opentelemetry.io/otel/sdk's changelog.

[1.2.0] - 2021-11-12
Changed

Metric SDK export.ExportKind, export.ExportKindSelector types have been renamed to aggregation.Temporality and aggregation.TemporalitySelector respectively to keep in line with current specification and protocol along with built-in selectors (e.g., aggregation.CumulativeTemporalitySelector...

Addresses an item in #621 Explain the different between a Cue builtin and a definition (native Cue vs dagger stdlib)

Signed-off-by: Richard Jones

Signed-off-by: Andrea Luzzardi

One of the main dagger attractions for us is the ability to reuse company conventions across a multitude of projects via installable packages.

Please add support for installing cue files from private git repositories. We are using a self-hosted Bitbucket instance, but will migrate to self-hosted Gitlab in the future, so if both are supported, that would be great.

The Bitbucket clone urls look like this:

• ssh://git@git.example.net:7999//.git (notice non-standard port)
• `https://...

Fix docker login to different registries in docker command

Signed-off-by: Alvise88

Bumps concurrently from 6.3.0 to 6.4.0.

Release notes
Sourced from concurrently's releases.

v6.4.0

Add --hide flag to hide the output of specified commands (#138, #173)

Commits

0da5d93 6.4.0
66ed4bf Simplify .gitignore
475fb53 Optimise .editorconfig
88b8d19 Add option and CLI flag to hide command output (#173)
See full diff in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibil...

Bumps amplitude-js from 8.9.1 to 8.10.0.

Release notes
Sourced from amplitude-js's releases.

v8.10.0
8.10.0 (2021-11-12)
Features

custom library options and setter (#443) (dce0eac)

Changelog
Sourced from amplitude-js's changelog.

8.10.0 (2021-11-12)
Features

custom library options and setter (#443) (dce0eac)

Commits

f465bfa chore(release): 8.10.0 [skip ci]
dce0eac feat: custom library options and setter (#443)
See full diff in...

I added a new point: 9. Catch broken references to outside packages

That's likely covered by https://github.com/cue-lang/cue/issues/629

CI of PR #1107 breaks and times out. This PR adds a time-out to one of the doc test + fixes a cleanup issue

Signed-off-by: guillaume

Bumps amplitude-js from 8.10.0 to 8.11.0.

Changelog
Sourced from amplitude-js's changelog.

8.11.0 (2021-11-16)
Bug Fixes

add missing setLibrary API to snippet distribution (#445) (ff44909)

Features

add esm entry point (#440) (3e98d50)

Commits

6d115b1 chore(release): 8.11.0 [skip ci]
ff44909 fix: add missing setLibrary API to snippet distribution (#445)
3e98d50 feat: add esm entry point (#440)
See full diff in compare view

[![...

This change helps the transition between dagger input and #Plan.context.

In summary, the codebase now relies on a context for execution with mapping to IDs.
In the future, context will come from a #Plan.context.
In the meantime, a bridge converts dagger input to a plan context. This allows both old and new style configurations to co-exist with the same underlying engine.

• Implement plancontext. Context holds the execution context for a plan. Currently this includes the ...

Bumps amplitude-js from 8.11.0 to 8.11.1.

Changelog
Sourced from amplitude-js's changelog.

8.11.1 (2021-11-16)
Bug Fixes

Add missing setTransport API to snippet (#446) (355a05b)

Commits

4659419 chore(release): 8.11.1 [skip ci]
355a05b fix: Add missing setTransport API to snippet (#446)
See full diff in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-n...

Bumps github.com/opencontainers/image-spec from 1.0.1 to 1.0.2.

Release notes
Sourced from github.com/opencontainers/image-spec's releases.

v1.0.2
This release was voted on by the maintainers and PASSED (+5 -0 #2), to mitigate the CVE-2021-41190 advisory.
This release is rebased directly on the prior tagged release (not including the commits that have occurred on main). Corresponding commits have been added to main, such that main is ready for...

As reported by @helderco:

The universe docker package and the low level op have different Auth APIs:

• #Build and #Pull lack auth altogether
• #Push has auth field but with one less field (makes it impossible to pass the same auth to multiple targets as the definitions don't match)
• #Run has its own definition in a registry field

1. Ignore dagger.lock file in generated .gitignore
2. Delete dagger.lock when releasing the local lock
3. Disabled failing test when pulling private repo (ssh error)

We should configure our Discord server to be a community server. This has the following effect:

1. Unlocks new features for the server, including stage channels and (I think) events
2. Anyone can join the server without requiring an invitation (I am not certain of this)

In order to enable the community server feature, there is a checklist to follow (see the link above).

Signed-off-by: jffarge

Changes

dagger mod get doesn't need an environment anymore to work.

Previously, it was not possible to execute dagger mod get if no environment was set.

# Init dagger
dagger init

# Download universe
dagger mod get alpha.dagger.io
4:08PM FTL system | no environments

With this PR, it doesn't required an environment anymore

# Init
dagger init

# Download universe
dagger mod get alpha.dagger.io
4:10PM INF system | installing specified package...

Signed-off-by: sw360cab

Actually it is not possible to set a custom command for Docker.#Run, in the same way it is possible with the docker run command in the form docker run ... IMAGE CMD, in order to override the entrypoint of a pulled image.

In a CI/CD scenario this is particularly useful when building an image which afterward will be reused in different steps (eg. build, test-suite, doc building).

In Dagger a similar behaviour is possible using Os.#Container

...

Bumps github.com/containerd/containerd from 1.5.7 to 1.5.8.

Release notes
Sourced from github.com/containerd/containerd's releases.

containerd 1.5.8
Welcome to the v1.5.8 release of containerd!
The eighth patch release for containerd 1.5 contains a mitigation for CVE-2021-41190
as well as several fixes and updates.
Notable Updates

Handle ambiguous OCI manifest parsing (GHSA-5j5w-g665-5m35)
Filter selinux xattr for image volumes in CRI plugin (#51...

Bumps github.com/moby/buildkit from 0.9.2 to 0.9.3.

Release notes
Sourced from github.com/moby/buildkit's releases.

v0.9.3
Notable changes

Workaround for deadlock in containerd pusher #2461
Update containerd to 1.5.8 . Contains patch for CVE-2021-41190 #2470 #2462

Commits

8d26254 Merge pull request #2470 from tonistiigi/v0.9.3-picks
6d53896 imageutil: make mediatype detection more stricter
b145a2f vendor: update containerd to 1.5.8
29db1fe push: wor...

Bumps amplitude-js from 8.11.0 to 8.12.0.

Release notes
Sourced from amplitude-js's releases.

v8.12.0
8.12.0 (2021-11-18)
Features

add more interfaces for flutter web support (#444) (69c18f7)
update setLibrary api make it ignore the null value of name or version (#449) (8e0971e)

v8.11.1
8.11.1 (2021-11-16)
Bug Fixes

Add missing setTransport API to snippet (#446) (355a05b)

Changelog
Sourced from amplitude-js's changelog.

8.12.0 (2...

The Docker daemon that I am using is running remotely, and I connect to it via Tailscale tunnel, which means that my DOCKER_HOST is set to tcp://100.113.182.91:2375.

This change makes Dagger work with my setup. It's been running well for me for a few weeks now, this started as https://github.com/thechangelog/changelog.com/pull/395

I think there is an opportunity to add support for ssh:// & file://, but I am keeping this first addition small on purpose.

Bumps cypress from 8.5.0 to 9.1.0.

Release notes
Sourced from cypress's releases.

9.1.0
Released 11/22/2021
Features:

A CYPRESS environment variable will be set to true in child processes where
Cypress runs user code in Node.js. You can now detect that you're running in
Cypress by looking for process.env.CYPRESS. Addresses
#18805.

Bugfixes:

Specs with % in the filename will no longer fail to load and now behave as any
other spec. Fixes
#18871.
Whe...

The current design of Dagger makes the implementation of a backward compatible control flows pretty hard.

This package is an equivalent of an healthcheck. It waits until a given url is ready.
We use that feature to reintroduce a dependency in the Cue Tree on that given url.

For example, when deploying a local container in docker, 90% of the time where want a dependency on that given container, it's because a server is present, and we want to query it.

This PR consists in 3 parts:
...

Thanks to viper, dagger supports shell auto-completion natively:

e.g.: dagger completion zsh

We should document it as it's a very low hanging fruit to improve the UX.

Bumps algoliasearch-helper from 3.4.4 to 3.6.2.

Changelog
Sourced from algoliasearch-helper's changelog.

3.6.2 - 2021-10-19

fix(SearchParameters): ignore invalid parameters (#880) https://github.com/algolia/algoliasearch-helper-js/commit/4ff542b70b92a6b81cce8b9255700b0bc0817edd

3.6.1 - 2021-10-15

fix(facetOrdering): make sure ordered facets is a dense array (#879) https://github.com/algolia/algoliasearch-helper-js/commit/990f8bc133dd3...

We are facing a small regression on Dagger lately: any package importing an unknown definition cannot be edited, listed...

package main

#test

would lead to:

dagger input list
11:57PM FTL system | unable to create environment

This is very blocking, as we don't know anything about the issue.

This PR fixes it:

dagger input list
11:58PM FTL system | unable to create environment: reference "#test" not found:
    /tmp/test/main.cue:4:1

Si...

• New execution engine to support Europa (not Pipeline based anymore)
  • Pipeline task: support old-style #up pipelines using the new engine
  • Import task: support context.imports
  • Secret File and Env tasks: support for context.secrets
• Basic support for #Plan.Context

Bumps sass from 1.43.4 to 1.43.5.

Release notes
Sourced from sass's releases.

Dart Sass 1.43.5
To install Sass 1.43.5, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes

Fix a bug where calculations with different operators were incorrectly considered equal.

Properly parse attribute selectors with empty namespaces.

JS API

Print more detailed JS stack traces. This is mos...

Bumps @svgr/webpack from 5.5.0 to 6.0.0.

Release notes
Sourced from @​svgr/webpack's releases.

v6.0.0
SVGR v6 uses SVGO v2 under the hood and includes tons of improvement. It also contains small breaking changes. In most cases you will have nothing to change. But be sure to check the migration guide.
Bug Fixes

fix XML entities in generated JavaScript (#553) (b3998eb)
formatExportName for single names (#548) (5decc94)
template: make it possible to use ty...

Signed-off-by: Sam Alba

Bumps sass from 1.43.5 to 1.44.0.

Release notes
Sourced from sass's releases.

Dart Sass 1.44.0
To install Sass 1.44.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes

Suggest calc() as an alternative in /-as-division deprecation messages.

Dart API

Add SassNumber.convert() and SassNumber.convertValue(). These work like SassNumber.coerce() and SassNumber.coerceValue(), ex...

• Implement dagger.#FS support
• Migrate context.imports to dagger.#FS
• Backward compat: dagger.#FS can be passed in lieu of a
  dagger.#Artifact
• For instance, an import (dagger.#FS) can be passed to the current
  yarn.#Package implementation

• Refactored to keep every transformation of built-in types (e.g. FS,
  Secret, etc) to/from CUE in the same place (plancontext)
• dagger.#Service and dagger.#Secret are now following the new FS-like format
  (e.g. _service: id: string)
• Backward compatibility
• dagger.#Stream is now an alias for dagger.#Service

When pushing a PR, the checks performed via Github Actions are failing for random reasons (eg. timeout), even if apparently the PR commit as nothing to due with that.
IMHO this requires extra effort for code reviewers, because they actually see that the PR is probably breaking the codebase, which in truth is not.
There is no way for the committer to run checks again in a clean way. One tricky workaround could be amending the commit related to PR and forcing a commit in order to run tasks ag...

Bumps amplitude-js from 8.12.0 to 8.13.0.

Release notes
Sourced from amplitude-js's releases.

v8.13.0
8.13.0 (2021-11-30)
Bug Fixes

add public method onNewSessionStart to snippet (#459) (07446fc)
upgrade to @​amplitude/ua-parser-js@​0.7.26 (#456) (8962604)

Features

add support for on new session start callback (#455) (acf596a)

Changelog
Sourced from amplitude-js's changelog.

8.13.0 (2021-11-30)
Bug Fixes

add public method onNewSe...

Bumps @svgr/webpack from 5.5.0 to 6.1.0.

Release notes
Sourced from @​svgr/webpack's releases.

v6.1.0
Bug Fixes

fix previous export system (1872829), closes #635

Features

native: automatically convert inline style in native (138c493), closes #588

Performance Improvements

remove useless loader-utils package (387bc72), closes #631

v6.0.0
SVGR v6 uses SVGO v2 under the hood and includes tons of improvement. It also contains small breaking changes. In ...

Changes

Related to #1159

I've added a piece of information about dagger completion, I didn't provide examples because there are many ways to install completions scripts, (.eg zsh/oh-my-zsh...).

Signed-off-by: Richard Jones

Updated gh user @dagger-ci personal access token (pretty sure it was using @TomChv's token that was recently removed). All failing PRs on this test can be rebased on main once this PR is merged.

Adding secrets in docker.#Command is broken:

// pipeline was partially executed because of missing inputs    op=0s original_cue_error=prod_image_info.ref.#up.0.from.#up.5.mount."/run/secrets/dockerhub_password": incomplete value {secret:{…
// executing operation    do=export pipeline=prod_image_info.ref

This PR fixes the issue by differentiating the secrets and generic mounts. @gerhard

Signed-off-by: guillaume

Original PR got merged before I realized. This just makes the video look better on the page

Signed-off-by: Richard Jones

Fixed iframe html

Bumps golang from 1.16.10-alpine to 1.16.11-alpine.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also...

Bumps amplitude-js from 8.13.0 to 8.13.1.

Release notes
Sourced from amplitude-js's releases.

v8.13.1
8.13.1 (2021-12-03)
Bug Fixes

make @​babel/runtime production dependencies (#461) (c03632c)

Changelog
Sourced from amplitude-js's changelog.

8.13.1 (2021-12-03)
Bug Fixes

make @​babel/runtime production dependencies (#461) (c03632c)

Commits

cbaf6c2 chore(release): 8.13.1 [skip ci]
c03632c fix: make @​babel/runtime production d...

Bumps @svgr/webpack from 5.5.0 to 6.1.1.

Release notes
Sourced from @​svgr/webpack's releases.

v6.1.1
Bug Fixes

webpack: fix double export (#648) (7595d37), closes #645

v6.1.0
Bug Fixes

fix previous export system (1872829), closes #635

Features

native: automatically convert inline style in native (138c493), closes #588

Performance Improvements

remove useless loader-utils package (387bc72), closes #631

v6.0.0
SVGR v6 uses SVGO v2 under the hood an...

Bumps cypress from 9.1.0 to 9.1.1.

Release notes
Sourced from cypress's releases.

9.1.1
Released 12/03/2021
Bugfixes:

Fixed a regression in 9.1.0 where our
built binary didn't contain patches to some dependencies. Addressed in
#19239. This fixed some
issues including:

Requests containing ~ will no longer be improperly encoded. Fixes
#19083,
#19084,
#19115,
#19096,
#19178.
A TypeError displaying data.hasOwnProperty is not a function will no
longer t...

dagger up ./path/to/plan mimics behavior of cue eval

still needs tests

Signed-off-by: Richard Jones

Page says “Welcome on Dagger documentation” which is not proper English. Should say “Welcome to the Dagger documentation” or something like that.

Signed-off-by: jffarge

Signed-off-by: Andrea Luzzardi

remove float from iframe to display in full width.
Bump to docusaurus 2.0.0-beta.9

Signed-off-by: jffarge

Bumps golang from 1.16.10-alpine to 1.16.12-alpine.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also...

• engine spec: move core types to types.cue
• engine: fix hidden field path
• solver: return digest when resolving images
• plan: improve log messages

Bumps @docusaurus/core from 2.0.0-beta.6 to 2.0.0-beta.10.

Release notes
Sourced from @​docusaurus/core's releases.

2.0.0-beta.10 (2021-12-09)
:rocket: New Feature

create-docusaurus, docusaurus-types, docusaurus

#5930 feat: shorthands for themes/plugins/presets configuration (@​fsmaia)

docusaurus-mdx-loader, docusaurus-plugin-content-docs, docusaurus-theme-classic, docusaurus-theme-common, docusaurus-theme-translati...

Signed-off-by: Andrea Luzzardi

europa plan needed to ensure it was using the right plan directory. Passing absolute path didnt work because the cwd needs to be at or beneath the parent of cue.mod.

Signed-off-by: Richard Jones

Changes

Improve #1085 to fix topics 2 and 3 from #1118.

Dagger up used to only base his execution on libraries present in cue.mod/pkg/alpha.dagger.io.

I have two repro cases showing that this is not entirely true anymore. It works on any config, but conflicts in our universe directory.

I. Execute a test that includes an unknown field

1. Compile the latest up-to-date dagger, from main branch
2. Go to the yarn test: ./cue.mod/pkg/alpha.dagger.io/js/yarn/yarn.cue, and extend it :

import(
  "alpha.dagger.io/http"
)

ok: h...

dagger up should accept arg[0] and proxy that to cue loader to mimic the behavior of cue eval

secrets should support an exec type that allows os.Exec to fork an external process and return the results to the Go map linked to the cue tree via id

For example users should be able to exec sops or aws-vault and reference those values in cue without them being exposed

when passing --environment to dagger up, the command should use that value to fill #Plan.name or #Plan.environment. This is useful for things like dynamically created PR environments as an example.

Currently telemetry only works without --europa since it is very tied into the legacy state package. This needs to be refactored and Europa-specific telemetry data defined.

Need to register a task for handling context: services: unix (or input: proxy:)

Bumps @docusaurus/core from 2.0.0-beta.9 to 2.0.0-beta.13.

Release notes
Sourced from @​docusaurus/core's releases.

2.0.0-beta.13 (2021-12-10)
Release to fix a bad npm publish in beta.12 and mitigate today's npm issues (https://status.npmjs.org/incidents/n4s34mwsdsp2)
Same code as beta.11, please refer to beta.11 changelog and release:
https://github.com/facebook/docusaurus/releases/tag/v2.0.0-beta.11
2.0.0-beta.12 (202...

implemented context: services with test for unix. Still needs a windows test for npipe.

Closes #1202

Currently dagger sends basic analytics on long-running commands (this can be disabled with the semi-standard DO_NOT_TRACK environment variable). But not all commands are included in the analytics: commands run in a CI environment (according to best-effort heuristics) are entirely skipped. This results in an analytics blind spot: basically we don’t know anything about real-world usage of Dagger in CI. This is a major problem because we are positioning Dagger as a portable development kit for...

Port Pipeline ops to Europa Engine API. Schema defined in https://github.com/dagger/dagger/pull/1117

We should support _hidden tasks in Europa.

This requires upstream support, for which @jlongtine already opened a PR: https://github.com/cue-lang/cue/pull/1419

Signed-off-by: Andrea Luzzardi

Bumps sass from 1.43.5 to 1.45.0.

Release notes
Sourced from sass's releases.

Dart Sass 1.45.0
To install Sass 1.45.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes
JS API
This release includes an entirely new JavaScript API, designed to be more idiomatic, performant, and usable. The old API will continue to be supported until Dart Sass 2.0.0, but it is now considered depre...

Bumps @svgr/webpack from 5.5.0 to 6.1.2.

Release notes
Sourced from @​svgr/webpack's releases.

v6.1.2
Bug Fixes

specify valid peer deps (45a76ed)
rollup: missing dep & missing map return (#652) (12627fc)

v6.1.1
Bug Fixes

webpack: fix double export (#648) (7595d37), closes #645

v6.1.0
Bug Fixes

fix previous export system (1872829), closes #635

Features

native: automatically convert inline style in native (138c493), closes #588

Performance Impr...

Feedback from @aluzzardi :

Just started implementing this. A few questions when comparing to op.#Exec:

Missing:

• user
• always
• hosts

Extra features, not doable without exec helper:

• stdout
• stdin
• stderr
• exit

Changes:

• env used to be a map, now it's an array of strings named environ --> why?
• args is either an array or a string --> is the runtime supposed to shlex args?
• mounts used to be a ma...

• Make some definitions private (via @talentedmrjones )
• Add dagger.#Plan.input.params (via @talentedmrjones )

Implemented bats package for running bats tests from dagger

• Better integrate all CUE core packages for Europa, for easier development and testing
• Keep future Europa Universe separate for easier spin out in to separate repo
• Complete README for each part

This is a required step until we find a better dependency API solution.

We need to enable env var dependency hacks with this package, as a rerun of a plan always re-executes a docker.#Run.

Signed-off-by: guillaume

This branch leverages 1 disjunction in particular: contents: #Secret | {[string]: #Secret} to enable contents to be a Secret or a map of Secrets.

JSON and YAML formats will unmarshal to map[string]interface{} then iterate over key:value pairs, creating a map of secrets (marshaled to cue) which is then filled into "contents"

The text format will simply create a secret very much like the current SecretEnv and SecretFile tasks do.

Still need to implement:
YAML unmarshaling...

Documentation of dev-cue-package example has both username and tjovicic witch may be confusing.

That PR update tjovicic to username for better consistency.

Issue inside https://docs.dagger.io/1011/package-manager/#install

GitHub link send to https://github.com/dagger/packages/blob/main/gcpcloudrun/source.cue
and returns to a 404 (private repo maybe?).

Signed-off-by: Andrea Luzzardi

In Europa we're missing a way to retrieve state (e.g. dagger query).

I don't know what the long term solution would look like, and maybe we don't need to figure that out for the Europa release.

However, in the meantime, we do need some way to programmatically get the computed state back, at the very least for our integration tests.

I propose this straw-man: dagger up --output [path]. The output file content would be the equivalent of state/computed.json in mainstream Europ...

For things in package engine , like #ReadFile as just one example should be move those to say package fs under dagger/engine/fs? Then you'd write fs.#ReadFile. The benefits are:

• loading only the necessary packages and schemas
• namespacing these operations helps organize code and thought

Expand the Engine API to give developers control over the standard streams (stdin, stdout, stderr) of the commands they’re executing.

This was part in the original Europa spec, but was temporarily removed to resolve outstanding design issues:

• How to handle multiple writers? Are they forbidden? Do they randomly share the stream? Undefined behavior? Is the full stream multiplexed to each reader?
• How to avoid deadlocks? Unix-style pipes require concurrent execution. But the original s...

This addresses several points from #1211 :

• Add missing user
• Add missing always
• Add missing hosts
• Remove stdin, stdout, stderr until API design questions are resolved. See #1222 .
• Clean up args: only supports […string], add example in comment to clarify use.

NOTE: this PR depends on #1214 , please merge that first.

The root cause of the deadlock seems related to a combination of FD manipulation + jobs parallelization. I disabled the parts that I think touch redirect or disabled FDs. Also disabled some heavy tests and kind integration (we can re-enable later).

Also changed the localstack secret to not rely on @grouville personal token.

Continuing the experiment started in https://github.com/thechangelog/changelog.com/pull/401… cc @gerhard :)

Another attempt to fix the flaky deadlock

PROPOSAL: New CI structure for building, testing and releasing

Intro

Our current CICD code relies on the following components:

• Several Github action YAML workflows, used to call make or directly call goreleaser for official releases
• A Makefile at the root of the repo which runs commands on everyone local machine (not containerized), like for instance: launch unit tests, run the linter or build the dagger binary used for development
• Yarn to install and spin-up ...

When creating a proxy such as proxy: dockerSocket: {} the pipeline will run partially and provide a warning which is poor DX. We need a way for the task runner to catch this but currently the runner isn't even executed when there is no concrete value for _type

This may be fixed by implementing the new schema in the spec.

Signed-off-by: Andrea Luzzardi

This is our plan B, in case it is confirmed that we can’t rely on hidden fields for matching internal types in disjunctions, the way we hoped to.

Context from Discord:

Quick summary of next steps:

1. [Joel] is going to check with CUE devs whether this is a bug or feature. If we’re lucky, it’s a bug, they fix it next week, and we can pretend this conversation never happened.

2. We discussed plan B. There are some variations & bikeshedding opportunities, but basically it r...

This is just a start, still WIP.

I did not find a way yet to scope the auth to the engine call (everytime an auth field is process anywhere, it adds creds for a given target for the whole buildkit solver).

@aluzzardi I've setup a private alpine image for integration tests, but not sure how to pass the secret? Can I rely on the current dagger.#Secret implementation?

Plan spec currently contains a mix of singular and plural:

#Plan: {
	// Receive inputs from the client
	input: {
		// Receive directories
		directories: [string]: _#inputDirectory
		// Securely receive secrets
		secrets: [string]: _#inputSecret
	}

	// Forward network services to and from the client
	proxy: [string]: _#proxyEndpoint

	// Execute actions in containers
	actions: {
		...
	}
}

Notice that input is singular while directories is plural and `pr...

If path: is set something that does not exist, such as path: ./does/not/exist/adfadkjh Dagger just hangs at the following point:

2:07PM DBG system | spawning buildkit job    attrs=null localdirs={
    "./sdfgsdfg": "/Users/richard/Code/dagger/dagger/tests/sdfgsdfg"
}

Closes #1229

Before this change we had spec files mostly in stdlib/europa/dagger/engine/spec/engine but also had some spec files in stdlib/europa/dagger. This caused confusion around what is spec vs what is implemented.

This PR reorganizes file so that:

• all spec file are now in stdlib/europa/dagger/engine/spec/engine
• files currently implemented are in stdlib/europa/dagger/engine
• files in stdlib/europa/dagger are simple aliases to stdlib/europa/dagger/engine

We...

Signed-off-by: Joel Longtine

(This is a placeholder issue, to be filled out later in more detail).

The current Europa design relies on hidden fields attached to core types like dagger.#FS, dagger.#Secret etc. These hidden fields include an ID, to be filled by the engine at runtime.

Hiding these IDs has DX benefits: don’t confuse developers with a field they’re not supposed to worry about anyway, or risk incorrectly filling it.

But hiding IDs may have downsides also:

• it makes it hard to share the computed ...

Signed-off-by: Joel Longtine

Overview

I propose setting the following design principle for our CUE APIs:

Dagger CUE APIs should define default values explicitly, rather than relying on implied default values from other APIs they depend on.
For example, our CUE bindings to Buildkit calls should explicitly define default values in CUE, rather than rely on Buildkit’s own defaults.
This CUE-first approach to default values improves the developer experience in several ways:

1. It makes our CUE APIs mor...

We want Europa APIs to support Windows. Does the current default value engine.#Exec.user: string | *”root” allow this? If not, how do we resolve?

• Change to a better default value?
• Make the field mandatory?
• Implement more advanced default behavior, perhaps inspired by buildkit?
• Make the field optional and defer to the default behavior of buildkit? NOTE: I advise against this, see https://github.com/dagger/dagger/issues/1243

Currently, engine.#Exec will interrupt DAG execution entirely if the command returns a non-zero exit code, aka an error. This makes it very difficult to write a Dagger configuration with custom behavior on command failure. The only way is to execute a wrapper command, for example a shell script, that will implement the exit code capture, and communicate back to the CUE config. This is repetitive and a bad DX.

Ideally, engine.#Exec would allow 1) configuring whether or not to abort DAG ...

Prior to Europa, Dagger relies on Buildkit to manage exec defaults. For example op.#Workdir would translate to llb.Workdir in Buildkit, and all future calls to Exec would automatically use that default value for workdir.

In Europa, Dagger must not use this feature of buildkit, and it must not implement this feature in its own implementation either. Rather, it is the CUE caller’s responsibility to manage defaults if they so choose. In other words, engine.#Exec is stateless.

I...

Problem

Most of the time, dependencies between Dagger tasks are implicit, thanks to the magic of CUE references. If a config value for task foo is referenced by a config value for task bar, Dagger implicitely knows that foo must run before bar.

But sometimes, foo must run before bar even though there is no dependency between their configurations. For example, foo might upload an artifact at a known URL, which bar must later download. In this case, developers need a...

Problem

Dagger has the ability to run commands in containers (engine.#Exec). These commands can be long-running (for example a test database). But there is no reliable way to terminate this command later. This effectively makes it impossible to execute long-running commands without hanging DAG execution.

A typical example (from real-world use case #1227):

• Start a test database (engine.#Exec)
• Execute tests against test database (engine.Exec)
• After the tests aere complet...

Problem

Most engine tasks require an input: #FS field. Starting from an empty FS requires an explicit call to #Scratch. Because we don’t support inlined tasks, this is quite cumbersome:

dir: engine.#Mkdir & {
  _scratch: engine.#Scratch
  input: _scratch.output
  path: “/foo”
}

Solution

With support for null input, the same configuration would be much simpler:

dir: engine.#Mkdir & {
  input: null
  path: “/foo”
}

Assuming we make null t...

Bumps concurrently from 6.4.0 to 6.5.0.

Release notes
Sourced from concurrently's releases.

v6.5.0

Add support for configuring via environment variables that start with CONCURRENTLY_ prefix (#289)
Add --timings flag to show when each process started and stopped, and how long they ran for (#291, #295)

Commits

ecc5fa0 6.5.0
ce799d6 npm audit fix
f8119bf docs: replace $0 placeholder with concurrently
7578774 Add support for options in env...

Dagger supports pushing and pulling Docker container images. Sometimes Docker registries require authentication, so Dagger defines an API for passing authentication credentials. In the Europa release, each call to #Push, #Pull and #Build (for nested pulls) accepts an auth field.

According to the Dagger API, each individual call to #Push, #Pull and #Build has its own authentication scope: credentials passed to one call are not available to the others.

In the current impleme...

Problem

Dagger does not detect actions configured in an inline CUE expression. This makes a useful feature of CUE unavailable to Dagger developers, causing configurations to be more complex than necessary. This becomes more problematic as the size of a configuration grows.

Details

Most of the time, actions are assigned to a field in the CUE configuration, for example:

To execute an action in their DAG, a developer must write the action’s configuration as a CUE value, and ass...

Dagger should support conditional execution of actions, using the standard if statement in CUE. Importantly, it should be possible to reference the output of other tasks in the if statement, and have task dependency be respected.

For example:

arch: docker.#Run & {
  script: “uname -m > /arch”
  output: files: “/arch”: _
}

if arch.output.files.”/arch”.contents == “x86_64\n” {
  ftw: docker.#Run & {
    script: “echo x86 FTW!”
  }
}

Note that the ftw action it...

Problem

There may or may not be a problem, depending on whether the desired behavior is already supported.

Desired behavior

Dagger should support configuring actions in hidden fields. For example:

// Action configured in a regular field
foo: docker.#Run & {
  script: “echo hello foo!”
}

// Action configured in a hidden field
_bar: docker.#Run & {
  script: echo hello bar!”
}

In this example, BOTH actions should be detected and executed.

closes #1237

Currently Dagger can proxy OUTBOUND network connections, from the DAG to the client. For example a container executed inside the DAG can connect to a unix socket that is proxied to a unix socket on the client.

It would be amazing if Dagger also supported the reverse: proxy INBOUND network connections from the client to the DAG. For example, a container listening for tcp connections inside the DAG could receive connections proxied from a TCP port on the client. This expands considerably w...

Changes

• Add #Mkdir from spec to active definition
• Add mkdir task
• Add tests

• Split website deploy in its own workflow to only trigger when the website changes
• Disable bats parallelization within files to mitigate integration test suite races

Closes #1199

I agree with you! It's necessary to use dagger as our CI, if we don't do it, who will?

Indeed, I have some questions :

The Github action worklow will simply run the whole plan, it won't have any logic

• How will we then setup localstack or kind for kube and aws tests?
• What about CI keys and co, we will have a global context that keep those information?
• How we will handle release? It's possible with just Dagger or is it a better idea to keep it as a GitHub action?

...

Context

Developers can request access to resources on the invoking client: directories to read or write, commands to execute, files to read or write, unix sockets to connect to.

It seems logical that developers could also request access to environment variables on the client. In fact, this is already partially possible, with inputs: secrets: [string]: envvar. However this exposes the contents of the environment variable as a #Secret which is a reference to be mounted in a conta...

Signed-off-by: Joel Longtine

Overview

It might be useful to allow a DAG to know the platform of the client invoking it. For example, this information could be used to configure certain inputs differently between Windows, Mac and Linux clients.

Example:

client: _

proxy: endpoints: docker: {
  if client.platform == “windows” {
    connect: “npipe://…”
  }
  if client.platform != “windows” {
    connect: “unix:///var/run/docker.sock”
  }
}

Challenges

Perhaps this is overkill, and can...

Problem

The current Dagger API does not give the developer control over which platform (architecture + OS) to execute containers on. This limits possible applications of Dagger.

Solution

There many possible designs. Here is a (naive) suggestion to get us started.

package engine

#Exec: {
  platform: {
    // Host operating system
    os: “windows” | *”linux”
    // Host hardware architecture
    arch: *”x86_64” | “arm64” // etc.
  }
}

Problem

The current Dagger APIs do not give the developer control over pushing, pulling, building and running multi-platform Docker images.

This is related to, but distinct from, multi-platform container execution

Problem

The drift between our two parallel engine packages (let’s call them engineA and engineB) has gotten out of control. The only way to get a useful diff is to manually verify each individual field. I have been doing this, but it’s a waste of my time and I don’t want to do it anymore.

Solution

I’m merging engineA and engineB into a single engine package, which we can then all modify together collaboratively, like proper developers.

Details on drift

EngineA and ...

This needs design discussion. Is interactive really useful if it won't work in CI anyway? How do we handle concurrent processes and logs to the terminal?

Signed-off-by: Joel Longtine

Bumps concurrently from 6.4.0 to 6.5.1.

Release notes
Sourced from concurrently's releases.

v6.5.1

Fix command names when using npm wildcard (#148, #165, #211, #212)

v6.5.0

Add support for configuring via environment variables that start with CONCURRENTLY_ prefix (#289)
Add --timings flag to show when each process started and stopped, and how long they ran for (#291, #295)

Commits

041e090 6.5.1
dd54b9f Fix wildcard naming to match do...

Signed-off-by: Joel Longtine

Initial work, still needs all tests ported over

Signed-off-by: Joel Longtine

We had to disable this test which was failing 80% of the time: https://github.com/dagger/dagger/blob/7c46e62f49b61f63a707bc2253b5cb93044d1257/tests/tasks.bats#L40

Given this is happening on 1 test and the test code seems ok, it hints that the feature is not working properly.

Error:

 ok 47 task: #WriteFile failure: different contents
not ok 48 task: #Exec
# (in test file ./tasks.bats, line 39)
#   `"$DAGGER" --europa up ./mount_cache.cue' failed
# 11:59PM INF actions.image | ...

Implemented engine.#Push + tests

Signed-off-by: Andrea Luzzardi

A bunch of fields were lost in translation from op.#DockerBuild. I added them to the implementation and flagging as needs review:

• auth: This was not in #DockerBuild but is needed because of the lack of #DockerLogin
• platforms / target: These we need to review generally speaking for multi-platform support, I don't believe they're right (/cc @TomChv)
• buildArg / label / hosts: These are generic dockerfile frontend options

Fixes #1274

Signed-off-by: Andrea Luzzardi

Support dagger up --output or - for stdout. This will
write the computed layer.

Can be used for tests, e.g.

run dagger up --output -
assert_output --partial foobar

Fixes #1220

Context

Universe is versioned so it's necessary to inform users when there is an improvement.

Issue

We already added the supports for classic dagger up but we do not handle it for dagger --europa up.

Related to #1196.

Bumps cypress from 9.1.0 to 9.2.0.

Release notes
Sourced from cypress's releases.

9.2.0
Released 12/20/2021
Features:

Cypress will throw an error when a user attempts to update a configuration
value at run-time using either the Test Configuration or using
Cypress.config() that is a
readonly option.
Addresses #6407 and
#19001.
A timeout option has been added to the cy.writeFile() command, with a
default value of defaultCommandTimeout. Addresses
#3350...

Bumps @docusaurus/core from 2.0.0-beta.9 to 2.0.0-beta.14.

Release notes
Sourced from @​docusaurus/core's releases.

2.0.0-beta.14 (2021-12-21)
:rocket: New Feature

docusaurus-theme-classic, docusaurus-theme-common

#6132 feat(theme-classic): new configuration syntax for a simple footer (@​christopherklint97)
#6125 feat(theme-common): stable classname for code blocks (@​Josh-Cena)

docusaurus-theme-classic

#5848 feat(...

Bumps sass from 1.43.5 to 1.45.1.

Release notes
Sourced from sass's releases.

Dart Sass 1.45.1
To install Sass 1.45.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes

Potentially breaking bug fix: Properly parse custom properties in @supports conditions. Note that this means that SassScript expressions on the right-hand side of custom property @supports queries now need...

This is to fix an issue occurring regularly on the CI with a race condition on fs operations.

# (in test file ./tasks.bats, line 9)
#   `"$DAGGER" --europa up ./pull.cue' failed
# 5:50PM FTL system | failed to load plan: import failed: load: open 
/home/runner/work/dagger/dagger/tests/tasks/pull/cue.mod/pkg/alpha.dagger.io/europa/dagger/engine/types.cue: 
no such file or directory

https://docs.dagger.io/1002/vs/ says "Dagger helps CICD teams answer question like: what work needs to be done to deliver my application, in what order, and how to I orchestrate it?"
s/how to I/how do I/

One of the install steps here shows how to use 'sudo' to install it: https://docs.dagger.io/1001/install/
That shouldn't be needed, lately I use containers that run in rootless mode (e.g. podman instead of docker and a wrapper that calls podman instead of docker for backwards compat, or runc, etc.), and a rootful docker may simply not be available in certain environments as a matter of security policy.

Therefore it'd be very useful if the sudo installation mode would be option...

Changes

• Rename mode to permissions
• Remove output from #ReadFile