#Testing #8805 - Github PAT support

Hey @high wave , ./hack/dev fails for me with a certificate error although I have the CA certs installed within the container. Is there a way to get an already built engine image from the container registry?

Hey, yeah. What architecture do you want it ? Because the CLI needs to be updated too for this feature

arm64 please

Doing it in 30🙏

Please push it to ghcr.io.. I don't think I can pull from registry.dagger.io

Not a Darwin, it's linux arm64?

either is fine

docker pull ghcr.io/grouville/dagger-engine:latest

and the CLI:

It's a bit weird to share the binary itself: could you maybe try to build it from the PR's branch: go build ./cmd/dagger from the root of the repo

The file I sent:

bash-5.2$ file ~/work/dagger/bin/dagger
~/work/dagger/bin/dagger: Mach-O 64-bit executable arm64

otherwise, this is my darwin binary

can send the linux one if you want

Yeah I can try that. Or.. the engine has the CLI embedded right? I could pull from that?

I'm on a Mac so Darwin is fine

I just left for the day. I'll test this tomorrow

Yeah sorry was multitasking 🙏

Thanks, excited for you to test it out

No worries! Same

yeah I think so, just double checked and it seems that yes

tried pulling the CLI fron container, didn't work (exec format error). Let me try your binary

You should be able to build the CLI on my branch too if you prefer 👼

I was able to build too

going to test some private git stuff

ok nvm!!! I'm a dummy. I'm not used to using a custom CLI. I was invoking it with the 0.13.6. When I ran with the custom CLI it worked!

How do you feel about the DX ? 🙏

Did it trigger your credential helper ?

I mean.. smooth? Like I didn't have to do anything other than using the custom CLI + engine. Importing just worked.

It didn't prompt me for anything

Perfect then 🙏 Awesome 😍

Do you use this env var GIT_ASKPASS to ask for the auth token ? Usually git doesnt ask for anything either because you stored the gitcredential using git credential store

Or, you have the GIT_ASKPASS or the .gitcredential helper configs, with either some cache:

cat ~/.gitconfig
[credential]
    helper = /usr/local/bin/git-credential-manager

I have this in my .gitconfig

[credential]
        helper = store

Ok perfect, so you stored it, thanks 🙏

I don't have the ASKPASS env though

I may have used gh auth login to auth

Yeah, usually this one is set by vscode when doing remote shell ; or tooling, to pipe the auth 🙏

Awesome, thanks a lot 😍

ah I don't use vscode so, might explain that.

does this support Windows? I can test

Yes please, I don't think so though 😏 Need to finish fixing my non booting computer to iterate on that though

any other use cases you want me to test on my mac?

if you comment your credential helper and try to clone a public repo, how does it behave ? 🙏

Right now, I silently fail only if it's a credential error, meaning that if I successfully tried to retrieve the secret but the store returns "not found" , then I log and continue as if it was a public ref

But, for any other error, I would actually error. For example, if you don't have git, the implementation should error, i wonder if I shall silently fail on this too ? (there is a dependency on the git CLI for now)

What do you think around that ? Shall the default be: silently error ? log it, but continue as if it was a public ref. The thing is that I can't know in advance what is a public of a private ref: a badly configured credential helper would break all module cloning

Maybe safer at first to just silently fail ?

The git dependency is temporary, I have in mind to upstream the credential helper handling on the go-git library

Also, maybe testing the caching behavior: it shouldnt cache (if it's too much work I'll do it on my integration test no worries)

I commented this but it still worked.. hmm

private or public repo ?

Did it log ?

it's super cool how this works with interdependent modules. Even when the dependent module is not present. I'm late to the "install a module from external" repo game but wow

private

I didn't see anything in log

let me remove container and see.. maybe caching played a part

Can you please expand, I'm not sure to understand ? 👼🙏

so I have module A depending on module C and B. I can dagger install only A and it still works. That's expected behavior right?

Which ones are private in this configuration ? 👼

all of them

Oh yes 👼

that's just incredible!

Amazing if you like it 🙏 If your gitconfig has fine-grained, cross git server provider, and for example you need oauth for bitbucket only, it would trigger it automatically

I love it! So far, I've always had all the dependencies in the same folder when testing modules. Obviously because I couldn't import from external repos

for me it's only github.com so I can't test other providers unfortunately

yeah no worries I did it, but thanks for testing that. Interested in Windows if you can too, if it's not too much to ask

but it seems to work well for me. I'll try to get a colleague to test too.

speaking of this. Do you think you could push a multi-arch image? My windows machine is linux/amd64 (wsl2)

Yeah will do tonight, if it can wait 🙏

yeah no hurry!

hey @high wave were you able to create that multi-arch image?

Hey Nipuna, was actually checking the thread ahah. I realized on some of my tests yesterday that there is potentially a conflict with host without the credential set. Currently digging into that.

Tried to do the multiarch:

Setup tracing at https://dagger.cloud/traces/setup. To hide: export SHUTUP=1

Error: response from query: input: daggerDev.devExport resolve: call function "DevExport": process "/runtime" did not complete successfully: exit code: 2

Stdout:
invoke: input: container.from.withExec.withEnvVariable.withFile.withExec.withDirectory.withExec.asTarball resolve: container image to tarball file conversion failed: failed to solve for container publish: process "/dev/.buildkit_qemu_emulator go build std" did not complete successfully: exit code: 1

Stderr:
regexp: /usr/local/go/pkg/tool/linux_amd64/compile: signal: segmentation fault (core dumped)

getting a segfault when using qemu

#1301297050624856136 message