diff --git a/build/Dockerfile b/build/Dockerfile index c6f63df..a48ef3d 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -20,6 +20,20 @@ RUN curl -OL https://github.com/dhall-lang/dhall-haskell/releases/download/1.29. # Back to the default operator user USER 1001 +# Install dhall libraries +RUN git clone --branch v13.0.0 --depth 1 https://github.com/dhall-lang/dhall-lang /opt/ansible/dhall-lang \ + && git clone --branch v3.0.0 --depth 1 https://github.com/dhall-lang/dhall-kubernetes /opt/ansible/dhall-kubernetes +ENV DHALL_PRELUDE=/opt/ansible/dhall-lang/Prelude/package.dhall +ENV DHALL_KUBERNETES=/opt/ansible/dhall-kubernetes/package.dhall + +# Copy configuration +COPY conf/ /opt/ansible/conf/ + +# Cache dhall objects +RUN echo 'let Prelude = ~/conf/Prelude.dhall let Kubernetes = ~/conf/Kubernetes.dhall in "OK"' | \ + env DHALL_PRELUDE=/opt/ansible/dhall-lang/Prelude/package.dhall \ + DHALL_KUBERNETES=/opt/ansible/dhall-kubernetes/package.dhall dhall-to-json + # Copy ansible operator requirements COPY watches.yaml ${HOME}/watches.yaml diff --git a/conf/Kubernetes.dhall b/conf/Kubernetes.dhall new file mode 100644 index 0000000..9ccdba2 --- /dev/null +++ b/conf/Kubernetes.dhall @@ -0,0 +1,3 @@ +{- Import the kubernetes types, see the ./Prelude.dhall file for documentation -} + env:DHALL_KUBERNETES +? https://raw.githubusercontent.com/dhall-lang/dhall-kubernetes/3c6d09a9409977cdde58a091d76a6d20509ca4b0/package.dhall sha256:e9c55c7ff71f901314129e7ef100c3af5ec7a918dce25e06d83fa8c5472cb680 diff --git a/conf/Prelude.dhall b/conf/Prelude.dhall new file mode 100644 index 0000000..5a78300 --- /dev/null +++ b/conf/Prelude.dhall @@ -0,0 +1,28 @@ +{- This file provides a central `Prelude` import for the rest of the library to + use so that the integrity check only needs to be updated in one place + whenever upgrading the interpreter. + + This allows the user to provide their own Prelude import using the + `DHALL_PRELUDE` environment variable, like this: + + ``` + $ export DHALL_PRELUDE='https://prelude.dhall-lang.org/package.dhall sha256:...' + ``` + + Note that overriding the Prelude in this way only works if this repository + is imported locally. Remote imports do not have access to environment + variables and any attempt to import one will fall back to the next available + import. To learn more, read: + + * https://docs.dhall-lang.org/discussions/Safety-guarantees.html#cross-site-scripting-xss + + This file also provides an import without the integrity check as a slower + fallback if the user is using a different version of the Dhall interpreter. + + This pattern is documented in the dhall-nethack repo: + + * https://github.com/dhall-lang/dhall-nethack/blob/master/Prelude.dhall +-} + env:DHALL_PRELUDE +? https://prelude.dhall-lang.org/v13.0.0/package.dhall sha256:4aa8581954f7734d09b7b21fddbf5d8df901a44b54b4ef26ea71db92de0b1a12 +? https://prelude.dhall-lang.org/v13.0.0/package.dhall