cue modules: move stdlib to pkg/alpha.dagger.io

In preparation for Europa, we will vendor multiple CUE modules:

- `pkg/alpha.dagger.io`: legacy non-europa packages
- `pkg/dagger.io`: core Europa packages
- `pkg/universe.dagger.io`: Europa universe

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>

pkg/alpha.dagger.io/os/container.cue

@@ -0,0 +1,133 @@
+package os
+
+import (
+	"alpha.dagger.io/dagger"
+	"alpha.dagger.io/dagger/op"
+
+	"alpha.dagger.io/alpine"
+)
+
+// Default image for basic use cases
+// FIXME: should just be 'alpine.#Image'.
+//   referring to '#.up' is a workaround to a dagger engine bug.
+//   see https://github.com/dagger/dagger/issues/304
+#DefaultImage: alpine.#Image.#up
+
+// Built-in container implementation, using buildkit
+#Container: {
+
+	// Container image
+	image: dagger.#Artifact | *#DefaultImage
+	//     {
+	//      // Optionally fetch a remote image
+	//      // eg. "index.docker.io/alpine"
+	//      from: string
+	//      image: #up: [op.#FetchContainer & { "ref": from }]
+	//     } | {}
+
+	// Independently cacheable setup commands
+	setup: [...string]
+
+	// Command to execute
+	command: string | *""
+
+	// Environment variables shared by all commands
+	env: [string]: string
+
+	// Directory in which the command is executed
+	dir: string | *"/"
+
+	// If true, the command is never cached.
+	// (false by default).
+	always: true | *false
+
+	// Copy contents from other artifacts
+	copy: [string]: from: dagger.#Artifact
+
+	// Mount contents from other artifacts.
+	// Mount is active when executing `command`, but not `setup`.
+	mount: [string]: {
+		from: dagger.#Artifact
+		// FIXME: support source path
+	}
+
+	// Safely mount secrets (in cleartext) as non-persistent files
+	secret: [string]: dagger.#Secret
+
+	// Mount unix socket or windows npipes to the corresponding path
+	socket: [string]: dagger.#Stream
+
+	// Write file in the container
+	files: [string]: {
+		content: string
+		mode:    int | *0o644
+	}
+
+	// Mount persistent cache directories
+	cache: [string]: true
+
+	// Mount temporary directories
+	tmpfs: [string]: true
+
+	// Configure the shell which executes all commands.
+	shell: {
+		// Path of the shell to execute
+		path: string | *"/bin/sh"
+		// Arguments to pass to the shell prior to the command
+		args: [...string] | *["-c"]
+	}
+
+	#up: [
+		op.#Load & {from: image},
+		// Copy volumes with type=copy
+		for dest, o in copy {
+			op.#Copy & {
+				"dest": dest
+				from:   o.from
+				// FIXME: support source path
+			}
+		},
+		// Execute setup commands, without volumes
+		for cmd in setup {
+			op.#Exec & {
+				args:  [shell.path] + shell.args + [cmd]
+				"env": env
+				"dir": dir
+			}
+		},
+		for dest, file in files {
+			op.#WriteFile & {
+				content: file.content
+				mode:    file.mode
+				"dest":  dest
+			}
+		},
+		// Execute main command with volumes
+		if command != "" {
+			op.#Exec & {
+				args:     [shell.path] + shell.args + [command]
+				"env":    env
+				"dir":    dir
+				"always": always
+				"mount": {
+					for dest, o in mount {
+						"\(dest)": o
+						// FIXME: support source path
+					}
+					for dest, s in secret {
+						"\(dest)": secret: s
+					}
+					for dest, _ in cache {
+						"\(dest)": "cache"
+					}
+					for dest, _ in tmpfs {
+						"\(dest)": "tmpfs"
+					}
+					for dest, s in socket {
+						"\(dest)": stream: s
+					}
+				}
+			}
+		},
+	]
+}

pkg/alpha.dagger.io/os/dir.cue

@@ -0,0 +1,44 @@
+package os
+
+import (
+	"alpha.dagger.io/dagger"
+	"alpha.dagger.io/dagger/op"
+)
+
+#Dir: {
+	from: dagger.#Artifact
+	path: string | *"/"
+
+	#up: [
+		op.#Load & {"from": from},
+		op.#Subdir & {
+			dir: path
+		},
+	]
+}
+
+#ReadDir: {
+	from: dagger.#Artifact
+	path: string
+
+	// Read the tree structure (not file contents)
+	read: tree: {
+		string// FIXME: only raw 'find' output for now
+		#up: [
+			op.#FetchContainer & {
+				ref: "alpine" // FIXME: use alpine or docker package
+			},
+			op.#Exec & {
+				mount: "/data": "from": from
+				args: [
+					"sh", "-c",
+					#"find /data | sed 's/^\/data//' > /export.txt"#,
+				]
+			},
+			op.#Export & {
+				source: "/export.txt"
+				format: "string"
+			},
+		]
+	}
+}

pkg/alpha.dagger.io/os/file.cue

@@ -0,0 +1,43 @@
+// OS operations
+package os
+
+import (
+	"alpha.dagger.io/dagger"
+	"alpha.dagger.io/dagger/op"
+)
+
+// Built-in file implementation, using buildkit
+// A single file
+#File: {
+	from: dagger.#Artifact | *[op.#Mkdir & {dir: "/", path: "/"}]
+	path: string
+
+	// Optionally write data to the file
+	write: *null | {
+		data: string
+		// FIXME: append
+		// FIXME: create + mode
+	}
+
+	// The contents of the file
+	// If a write operation is specified, it is applied first.
+	contents: {
+		string
+
+		#up: [
+			op.#Load & {
+				"from": from
+			},
+			if write != null {
+				op.#WriteFile & {
+					dest:    path
+					content: write.data
+				}
+			},
+			op.#Export & {
+				source: path
+				format: "string"
+			},
+		]
+	}
+}

pkg/alpha.dagger.io/os/tests/container/container.cue

@@ -0,0 +1,26 @@
+package os
+
+import (
+	"alpha.dagger.io/dagger"
+)
+
+// Test secret mount
+SimpleSecret: {
+	// 'encrypted' and 'cleartext' must be set from identical values
+	encrypted: dagger.#Secret @dagger(input)
+	cleartext: string         @dagger(input)
+
+	ctr: #Container & {
+		secret: "/secret-in": encrypted
+		command: "cat /secret-in > /secret-out"
+	}
+
+	// Decrypted secret
+	decrypted: (#File & {
+			from: ctr
+			path: "/secret-out"
+	}).contents @dagger(output)
+
+	// Assertion: decrypted value must match original cleartext
+	decrypted: cleartext
+}

pkg/alpha.dagger.io/os/tests/os/os.cue

@@ -0,0 +1,25 @@
+package os
+
+import (
+	"alpha.dagger.io/alpine"
+)
+
+// Write a file to an empty dir
+EmptyDir: {
+	f: #File & {
+		path: "/foo.txt"
+		write: data: "hello world!"
+	}
+	f: contents: "hello world!"
+}
+
+// Read from a pre-existing file
+Read: {
+	f: #File & {
+		from: alpine.#Image & {
+			version: "3.15.0"
+		}
+		path: "/etc/alpine-release"
+	}
+	f: contents: "3.15.0\n"
+}