warped summit
Hey! I can't seem to understand how to pass the default path on host system (outside of modules and stuff) in the code. For example, here https://docs.dagger.io/cookbook#copy-a-file-to-a-container
How can i make it so that i could just ran dagger call copy-file without specifying --f=/home/admin/archives.zip
And /home/admin/archives.zip should be hardcoded somewhere in the code.
valid kiln
Hey! I can't seem to understand how to pass the default path on host system (out...
that's currently a design choice. We don't allow default paths to retrieve any files or directories outside the project scope to avoid users creating malicious modules that could potentially fetch any file in your system
that's why the only way of doing that is via explicitly setting the --f argument
cc @novel wolf we should document that here: https://docs.dagger.io/manuals/developer/functions/#directories-and-files
warped summit
Thanks for pointing it out! That's a bummer, I'm dealing with propagating custom root certificate for zscaler ssl introspection to the containers where the one already placed in custom engine isn't enough. Maven, for example, where i need to WithExec(keytool -import)
And I was hoping to make it work by setting it in New(), just trying to make it less tedious for people to work with across our team
By the way, can i extract the file from the engine itself somehow?
novel wolf
cc <@1013436980249505882> we should document that here: https://docs.dagger.io/m...
OK, I will add this in the next day or so
valid kiln
By the way, can i extract the file from the engine itself somehow?
Yes, it's documented here: https://docs.dagger.io/manuals/user/export/
warped summit
Yes, it's documented here: https://docs.dagger.io/manuals/user/export/
Sorry, i meant extracting the certificate file i put into custom engine at /usr/local/share/ca-certificates/ within the pipeline
valid kiln
Sorry, i meant extracting the certificate file i put into custom engine at /usr/...
@warped summit are your maven containers debian or rhel based?
warped summit
<@312843955408732160> are your maven containers debian or rhel based?
amazon linux
valid kiln
oh, we don't have support to install cert on those automatically
warped summit
<@312843955408732160> are your maven containers debian or rhel based?
yeah it doesnt get propagated properly
warped summit
mind opening an issue?
the thing is even if it did maven would still need that cert in truststore
valid kiln
isn't adding the cert via the trust command enough?
and bundle it in /etc/pki/tls/certs/ca-bundle.crt as all the other things?
I'd assume maven will use that
as it's probably using libtls under the hood
warped summit
I assumed so as well but i had to do this
func (j *Javabuild) zscalerPrep(
zscalerCert *dagger.File,
) *dagger.Container {
certPath := "/home/zscaler.crt"
command := fmt.Sprintf("keytool -import -trustcacerts -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt -alias zscaler-root -file %s", certPath)
c := j.Ctr.
WithFile("/home/zscaler.crt", zscalerCert).
WithExec([]string{"sh", "-c", command})
return c
}
valid kiln
yes, that makes sense because we currently don't support automatic certificate propagation for amazonlinux
sending a PR to fix that right now
valid kiln
@warped summit this has just been merged to main. You should be able to use main's engine if you want to try this before the next release.
you can install the latest CLI with https://dl.dagger.io/dagger/install.sh | DAGGER_COMMIT=$COMMIT sh
if that command fail it's because the CLI hasn't been published yet as it's probably still building
warped summit
<@312843955408732160> this has just been merged to main. You should be able to u...
Thank you so much! Appreciate the instant help!