#How to override the image of an action cleanly?

1 messages · Page 1 of 1 (latest)

willow cargo
#

to give context. I set up an action to lint markdown files. And I want to use it in 2 different contexts:

  • on my personal project
  • on my company project
    But I have a constraint in my company. I can't use the docker images from the docker hub. They have set up a mirror with their own images.

Here are my action:

package markdown

import (
    "dagger.io/dagger"
    "universe.dagger.io/docker"
)

#Lint: {
    // source code
    source: dagger.#FS
    // mardownlint version
    version: *"0.31.1" | string
    // Files to lint
    files: [...string]
    _image: docker.#Pull & {
        source: "tmknom/markdownlint:\(version)"
    }
    docker.#Run & {
        input: *_image.output | _
        mounts: "source": {
            dest:     "/src"
            contents: source
        }
        workdir: "/src"
        command: {
            name: "markdownlint"
            args: files
        }
    }
}

on my personal project, I do this:

"markdown": markdown.#Lint & {
    source: _source.output
    files: ["README.md"]
}

and it's works perfectly. In my company project, I must use a private image. So I do this:

_image: {
    markdownlint: docker.#Pull & {
        source: "\(_#DefaultAwsAccount).dkr.ecr.\(_#DefaultAwsRegion).amazonaws.com/public/tmknom/markdownlint:0.31.1"
        auth: {
            username: "AWS"
            secret:  client.commands.ecrPassword.stdout
        }
    }
}
// ...
"markdown": markdown.#Lint & {
    input: _image.markdownlint.output
    source: _source.output
    files: ["README.md"]
}

it also works. But when you get to the CI server, it doesn't work. I took a closer look, and I realized that my Action was 2 docker pull.
it doesn't work because I can't get the public image, it's blocked in DNSit doesn't work because I can't get the public image, it's blocked in DNS. But normally, dagger should not try to pull this image? because I don't use it after, it's override.

#

here the log of the execution:

1:56PM DEBUG actions.lint.markdown._image._pull | 
1:56PM DEBUG actions.lint.markdown._image._pull | #1 load metadata for docker.io/tmknom/markdownlint:0.31.1
1:56PM DEBUG actions.lint.markdown._image._pull | #1 sha256:feee7f006da16b0db8b62107f819956e1d36781bdd491fdc990afbb98947db75
1:56PM DEBUG actions.lint.markdown._image._pull | #1 DONE 0.6s
1:56PM DEBUG actions.lint.markdown._image._pull | 
1:56PM DEBUG actions.lint.markdown._image._pull | #4 Pull tmknom/markdownlint:0.31.1
1:56PM DEBUG actions.lint.markdown._image._pull | #4 sha256:09fe153992c62b62f14768de2b2a7cc3a0d967c56766728a5028a7dcd2dd204b
1:56PM DEBUG actions.lint.markdown._image._pull | #4 resolve docker.io/tmknom/markdownlint:0.31.1
1:56PM DEBUG actions.lint.markdown._image._pull | #4 resolve docker.io/tmknom/markdownlint:0.31.1 0.2s done
1:56PM DEBUG actions.lint.markdown._image._pull | #4 DONE 0.3s
// ...
1:56PM INFO  actions._image.markdownlint._pull | computing
1:56PM DEBUG actions._image.markdownlint._pull | dependency detected    dependency=client.commands.ecrPassword
1:56PM DEBUG actions._image.markdownlint._pull | add target credentials    target=00000.dkr.ecr.eu-west-3.amazonaws.com
1:56PM DEBUG actions._image.markdownlint._pull | 
1:56PM DEBUG actions._image.markdownlint._pull | #5 load metadata for 00000.dkr.ecr.eu-west-3.amazonaws.com/public/tmknom/markdownlint:0.31.1
1:56PM DEBUG actions._image.markdownlint._pull | #5 sha256:25bd9477404259feaf3666cf7a0753fb3cca4afeac1125f455df49c6b3d69c42
1:56PM DEBUG actions._image.markdownlint._pull | #5 DONE 0.1s
1:56PM INFO  actions._image.markdownlint._pull | completed    duration=200ms
mighty igloo
# 
package markdown

import (
  "dagger.io/dagger"
  "dagger.io/dagger/core"
  "universe.dagger.io/docker"
)

#Image: {
  repository: string | *"tmknom/markdownlint"
  version:    string | *"0.31.1"

  docker.#Pull & {
    source: "\(repository):\(version)"
  }
}

#Lint: {
  // source code
  source: dagger.#FS
  // image address to use
  image: #Image
  // Files to lint
  files: [...string]
  docker.#Run & {
    input: *image.output | _
    mounts: "source": {
      dest:     "/src"
      contents: source
    }
    workdir: "/src"
    command: {
      name: "markdownlint"
      args: files
    }
  }
}

dagger.#Plan & {
  actions: {
    _source: core.#Source & {path: "."}
    _image:  #Image & {
      repository: "jeremyatdockerhub/markdownlint"
      version:    "latest"
    }

    "markdown": #Lint & {
      source: _source.output
      image:  _image
      files: ["README.md"]
    }
  }
}
#

like that maybe? ☝️

willow cargo
#

Ok, I'm going to try it

mighty igloo
#

you could add auth to #Image perhaps...

willow cargo
#

yes

#

what means this syntax: input: *image.output | _ ?
I don't understand | _

#

@mighty igloo Thank you once again. It's works perfectly

#

for those, that search a solution with auth, here my action:

package markdown

import (
    "dagger.io/dagger"
    "universe.dagger.io/docker"
)

#Image: {
    repository: string | *"tmknom/markdownlint"
    tag:        string | *"0.31.1"
    // Registry authentication
    auth?: {
        username: string
        secret:   dagger.#Secret
    }

    docker.#Pull & {
        source: "\(repository):\(tag)"
        if auth != _|_ {
            "auth": auth
        }
    }
}

#Lint: {
    // source code
    source: dagger.#FS

    // Files to lint
    files: [...string]

    image: #Image

    docker.#Run & {
        input: *image.output | _
        mounts: "source": {
            dest:     "/src"
            contents: source
        }
        workdir: "/src"
        command: {
            name: "markdownlint"
            args: files
        }
    }
}
willow cargo
#

@mighty igloo it's a pity that some universe actions don't make this separation. Because I can't use some actions like yarn, npm ...
May be I can make some Pull request ?

mighty igloo