heavy dirge
not sure if this expected behavior, so checking. I like the debug output to work through the issues, but it shows my token, so is this expected?
This demo is a really cool way to show dagger self contained cloning and running natively without wrapping CLI tools from linux (which is what I don't primarily want). Fun!
dawn elbow
Here's an article on working with secrets in Dagger: https://docs.dagger.io/manuals/developer/go/203021/secrets/
(There are equivalent docs and support for functions written in TypeScript and Python)
And here's an example of functions implementing secrets: https://daggerverse.dev/mod/github.com/levlaz/daggerverse/mastodon@437b0f9b34314770faa68c74b6323f434fafa8a7
Does that help?
tulip shuttle
I'm not sure if Secrets will help here since the argument to dag.Git is just a plain string. @next steppe is it plausible in dagql to add support for conditionally marking an argument as sensitive? I know we can mark one unconditionally sensitive, but I guess in this case we may want to look at the URL arg's format and see if it include any creds (think that's probably possible in an unambiguous way?)
Of course, if it's possible to instead use an SSH agent, that would be better, but I guess that's not always possible
next steppe
I'm not sure if Secrets will help here since the argument to `dag.Git` is just a...
hrmm, that might be doable, but I think it would better to just have a password: Secret argument
vale cloak
Problem is that dag.Git only has ssh auth support and you can't use the ssh auth socket with modules yet. We need header/token support in dag.Git.
tulip shuttle
