Comments (3)
On Discord, there have been some proposals:
- We could add an argument when passing a secret, like
cmd:command-to-run:s
. - We could use a different scheme, like
cmd-s:command-to-run
. - We could add an annotation on the function parameter, like in Go
func (*Module) Function(
// +strip
secret *dagger.Secret
)
from dagger.
If feasible, I personally prefer the last one.
from dagger.
If feasible, I personally prefer the last one.
I don't think that's a good option. The function shouldn't need to know if the secret needs stripping or not. That responsibility should fall to the one loading the secret. See also:
I don't think we should do this with options at the point of use. Secrets should be marked to do this at point of load.
- Originally posted by @jedevc in #7220 (comment)
I also like @sipsma's suggestion here:
Hm yeah I agree this is likely what users would want 99.99% of the time and fairly annoying to require them to deal with themselves in userspace (i.e. get secret plaintext, strip newlines, create new modified secret).
I feel like there must be some obscure corner case where this isn't desired, but I can't think of any concretely either. And push comes to shove if we need to support the 0.01% of cases we can always add some kludge like
--token=file-raw:/some/token/file/where/trailing/newlines/matter
or similar.
- Originally posted by @sipsma in #6845 (review)
So if the most common thing is to want to strip the newline, then we strip it by default, and offer these alternatives to keep it as is:
env-raw:
file-raw:
cmd-raw:
Which seems clearer than the opposite default:
env-strip:
file-strip:
cmd-strip:
Flipping defaults is always a breaking change though, and @sipsma already reverted his suggestion to default to not touch it:
I'm good with reverting the change to strip newlines. I think we could consider the inverse of my suggestion on that PR and instead support a CLI syntax that does strip newlines for use cases that call for that. But I think this situation proves it's probably better to default to the exact contents of the file/command/env var.
- Originally posted by @sipsma in #7220 (comment)
Emphasis mine, because I tend to agree with that.
from dagger.
Related Issues (20)
- Details on status of dagger.Host in SDK docs HOT 4
- 🐞 `dagger call` doesn't use an enum's default value correctly
- Storage Drivers
- `secret not found` with chained functions and secrets in parent fields
- Lazy ref pulls are often misattributed to the wrong span
- TUI: hide `Void` from output
- 🐞 Version 0.12.2 won't fetch git repository anymore; tries to find http(s) as local path HOT 1
- ✨ Import image to local container runtime HOT 3
- Module Self Invocation HOT 2
- (Another different) `TestLegacy` flake
- 🐞 Trailing newline in secrets from command prevents secret scrubbing in Dagger output HOT 1
- 🐞 Docker build secrets seems broken in Python + Example in documentation is wrong for build secrets in Python HOT 5
- 🐞 No completion is installed when I install though homebrew
- Services: Custom Health Checks
- Services: stop policies
- Private modules HOT 3
- 🐞 Calling Dagger.Client.host/1 fails HOT 3
- /dev/.buildkit_qemu_emulator ... : did not complete successfully: failed to copy xattrs: failed to set xattr "security.selinux" on /tmp/buildkit-qemu-emulator2534885165/dev/.buildkit_qemu_emulator: operation not supported HOT 4
- How to use custom Package Managers configurations
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dagger.