feat: dagger runner context support (#516)

Signed-off-by: Miguel Martinez Trivino <[email protected]>

Author: migmartri

app/cli/internal/action/workflow_run_list.go

@@ -117,6 +117,7 @@ func humanizedRunnerType(in v1.CraftingSchema_Runner_RunnerType) string {
 		*v1.CraftingSchema_Runner_AZURE_PIPELINE.Enum():          "Azure Pipeline",
 		*v1.CraftingSchema_Runner_JENKINS_JOB.Enum():             "Jenkins Job",
 		*v1.CraftingSchema_Runner_CIRCLECI_BUILD.Enum():          "CircleCI Build",
+		*v1.CraftingSchema_Runner_DAGGER_PIPELINE.Enum():         "Dagger Pipeline",
 	}
 
 	hrt, ok := mapping[in]

app/cli/internal/action/workflow_run_list_test.go

@@ -52,6 +52,10 @@ func (s *workflowRunListSuite) TestHumanizedRunnerType() {
 			name:           "jenkins runner",
 			testInput:      v1.CraftingSchema_Runner_JENKINS_JOB,
 			expectedOutput: "Jenkins Job",
+		}, {
+			name:           "dagger runner",
+			testInput:      v1.CraftingSchema_Runner_DAGGER_PIPELINE,
+			expectedOutput: "Dagger Pipeline",
 		}, {
 			name:           "circleci runner",
 			testInput:      v1.CraftingSchema_Runner_CIRCLECI_BUILD,

app/controlplane/api/gen/frontend/workflowcontract/v1/crafting_schema.ts

@@ -46,6 +46,7 @@ message CraftingSchema {
       AZURE_PIPELINE = 3;
       JENKINS_JOB = 4;
       CIRCLECI_BUILD = 5;
+      DAGGER_PIPELINE = 6;
     }
   }
 

app/controlplane/api/workflowcontract/v1/crafting_schema.pb.go

@@ -7,12 +7,7 @@ import (
 	"time"
 )
 
-const (
-	// https://github.com/chainloop-dev/chainloop/releases/tag/v0.60.0
-	// providing a sha triggers a no-sec hardcoded credentials false positive
-	//nolint:gosec
-	clImage = "ghcr.io/chainloop-dev/chainloop/cli@sha256:4e0bc402f71f4877a1ae8d6df5eb4e666a0efa0e7d43ab4f97f21c0e46ae0a59"
-)
+const chainloopVersion = "v0.60.0"
 
 type Chainloop struct {
 	Token *Secret
@@ -148,7 +143,8 @@ func (m *Chainloop) AttestationReset(ctx context.Context,
 
 func (m *Chainloop) cliImage() *Container {
 	return dag.Container().
-		From(clImage).
+		From(fmt.Sprintf("ghcr.io/chainloop-dev/chainloop/cli:%s", chainloopVersion)).
 		WithSecretVariable("CHAINLOOP_ROBOT_ACCOUNT", m.Token).
-		WithEnvVariable("CACHEBUSTER", time.Now().String())
+		WithEnvVariable("CACHEBUSTER", time.Now().String()).
+		WithEnvVariable("CHAINLOOP_DAGGER_CLIENT", chainloopVersion)
 }

app/controlplane/api/workflowcontract/v1/crafting_schema.proto

@@ -52,6 +52,8 @@ func NewRunner(t schemaapi.CraftingSchema_Runner_RunnerType) supportedRunner {
 		return runners.NewJenkinsJob()
 	case schemaapi.CraftingSchema_Runner_CIRCLECI_BUILD:
 		return runners.NewCircleCIBuild()
+	case schemaapi.CraftingSchema_Runner_DAGGER_PIPELINE:
+		return runners.NewDaggerPipeline()
 	default:
 		return runners.NewGeneric()
 	}

extras/dagger/main.go

@@ -0,0 +1,56 @@
+//
+// Copyright 2024 The Chainloop Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package runners
+
+import "os"
+
+type DaggerPipeline struct{}
+
+const DaggerPipelineID = "dagger-pipeline"
+
+func NewDaggerPipeline() *DaggerPipeline {
+	return &DaggerPipeline{}
+}
+
+func (r *DaggerPipeline) CheckEnv() bool {
+	for _, envVarName := range []string{"CHAINLOOP_DAGGER_CLIENT"} {
+		if os.Getenv(envVarName) == "" {
+			return false
+		}
+	}
+
+	return true
+}
+
+func (r *DaggerPipeline) ListEnvVars() []*EnvVarDefinition {
+	return []*EnvVarDefinition{
+		// Version of the Chainloop Client
+		{"CHAINLOOP_DAGGER_CLIENT", false},
+	}
+}
+
+func (r *DaggerPipeline) String() string {
+	return DaggerPipelineID
+}
+
+// TODO: figure out an URL and or more useful information
+func (r *DaggerPipeline) RunURI() string {
+	return ""
+}
+
+func (r *DaggerPipeline) ResolveEnvVars() (map[string]string, []*error) {
+	return resolveEnvVars(r.ListEnvVars())
+}

internal/attestation/crafter/runner.go

@@ -0,0 +1,92 @@
+//
+// Copyright 2024 The Chainloop Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package runners
+
+import (
+	"os"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/suite"
+)
+
+type daggerPipelineSuite struct {
+	suite.Suite
+	runner *DaggerPipeline
+}
+
+func (s *daggerPipelineSuite) TestCheckEnv() {
+	testCases := []struct {
+		name string
+		env  map[string]string
+		want bool
+	}{
+		{
+			name: "empty",
+			env:  map[string]string{},
+			want: false,
+		},
+		{
+			name: "present",
+			env: map[string]string{
+				"CHAINLOOP_DAGGER_CLIENT": "v1.0.0",
+			},
+			want: true,
+		},
+	}
+
+	for _, tc := range testCases {
+		s.T().Run(tc.name, func(t *testing.T) {
+			os.Unsetenv("CHAINLOOP_DAGGER_CLIENT")
+
+			for k, v := range tc.env {
+				t.Setenv(k, v)
+			}
+
+			s.Equal(tc.want, s.runner.CheckEnv())
+		})
+	}
+}
+
+func (s *daggerPipelineSuite) TestListEnvVars() {
+	assert.Equal(s.T(), []*EnvVarDefinition{{"CHAINLOOP_DAGGER_CLIENT", false}}, s.runner.ListEnvVars())
+}
+
+func (s *daggerPipelineSuite) TestResolveEnvVars() {
+	resolvedEnvVars, errors := s.runner.ResolveEnvVars()
+	s.Empty(errors)
+	s.Equal(map[string]string{"CHAINLOOP_DAGGER_CLIENT": "v0.6.0"}, resolvedEnvVars)
+}
+
+func (s *daggerPipelineSuite) TestRunURI() {
+	s.Equal("", s.runner.RunURI())
+}
+
+func (s *daggerPipelineSuite) TestRunnerName() {
+	s.Equal("dagger-pipeline", s.runner.String())
+}
+
+// Run before each test
+func (s *daggerPipelineSuite) SetupTest() {
+	s.runner = NewDaggerPipeline()
+	t := s.T()
+	t.Setenv("CHAINLOOP_DAGGER_CLIENT", "v0.6.0")
+}
+
+// Run the tests
+func TestDaggerPipelineRunner(t *testing.T) {
+	suite.Run(t, new(daggerPipelineSuite))
+}