From ef407c787a625a656fb671d13995e0f822431a10 Mon Sep 17 00:00:00 2001
From: Andrea Luzzardi <aluzzardi@gmail.com>
Date: Wed, 24 Nov 2021 16:24:41 -0800
Subject: [PATCH] runtime: context: support secret files

Signed-off-by: Andrea Luzzardi <aluzzardi@gmail.com>
---
 plan/task/secretfile.go | 47 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 plan/task/secretfile.go

diff --git a/plan/task/secretfile.go b/plan/task/secretfile.go
new file mode 100644
index 00000000..5d38cd53
--- /dev/null
+++ b/plan/task/secretfile.go
@@ -0,0 +1,47 @@
+package task
+
+import (
+	"context"
+	"os"
+
+	"cuelang.org/go/cue"
+	"github.com/rs/zerolog/log"
+	"go.dagger.io/dagger/compiler"
+	"go.dagger.io/dagger/plancontext"
+	"go.dagger.io/dagger/solver"
+)
+
+func init() {
+	Register("SecretFile", func() Task { return &secretFileTask{} })
+}
+
+type secretFileTask struct {
+}
+
+func (c secretFileTask) Run(ctx context.Context, pctx *plancontext.Context, _ solver.Solver, v *compiler.Value) (*compiler.Value, error) {
+	lg := log.Ctx(ctx)
+
+	var secretFile struct {
+		Path string
+	}
+
+	if err := v.Decode(&secretFile); err != nil {
+		return nil, err
+	}
+
+	lg.Debug().Str("path", secretFile.Path).Msg("loading secret")
+
+	data, err := os.ReadFile(secretFile.Path)
+	if err != nil {
+		return nil, err
+	}
+	id := pctx.Secrets.Register(&plancontext.Secret{
+		PlainText: string(data),
+	})
+
+	out := compiler.NewValue()
+	if err := out.FillPath(cue.ParsePath("contents.id"), id); err != nil {
+		return nil, err
+	}
+	return out, nil
+}