Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 20 additions & 0 deletions extras/dagger/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,26 @@ dagger call -m github.com/chainloop-dev/chainloop \
--contract-name my-existing-contract \ # optional flag to specify an existing contract that will be used during the creation of a workflow
```

##### Controlling "latest" promotion

The optional `--mark-latest` flag controls whether the project version is promoted to `latest`. It is an enum with three values:

- `ON_CREATE` (default): newly created versions become `latest`; existing versions are left unchanged.
- `TRUE`: force-promote a pre-release version to `latest`.
- `FALSE`: do not promote the version to `latest`.

`TRUE` and `FALSE` only affect promotion: they never demote a version that is already `latest`. In particular, `FALSE` prevents a newly created version from becoming `latest`, but it has no effect on an existing version (its `latest` status is left untouched).

```sh
dagger call -m github.com/chainloop-dev/chainloop \
init \
--token env:CHAINLOOP_TOKEN \
--workflow-name the-name-of-the-workflow \
--project-name the-name-of-the-project \
--version 1.0.0 \
--mark-latest FALSE # create the new version 1.0.0 without making it latest
```

#### 2 - Get the status ([docs](https://docs.chainloop.dev/getting-started/attestation-crafting#inspecting-the-crafting-status))

Resuming a previous attestation
Expand Down
36 changes: 36 additions & 0 deletions extras/dagger/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,12 @@ func (m *Chainloop) Init(
// mark the version as release
// +optional
release bool,
// Control whether this project version is promoted to "latest".
// ON_CREATE (default): new versions become latest, existing ones are untouched.
// TRUE: force-promote a pre-release version. FALSE: skip promotion entirely.
// +optional
// +default="ON_CREATE"
markLatest MarkLatest,
// Github event file for PR detection (when running in Github Actions)
// +optional
githubEventFile *dagger.File,
Expand Down Expand Up @@ -283,6 +289,19 @@ func (m *Chainloop) Init(
)
}

// Map the tri-state enum onto the CLI's --mark-latest flag. ON_CREATE omits
// the flag so the server applies its default behavior. An enum (non-empty
// string) is used instead of *bool because Dagger v0.19.11 collapses *bool
// to bool in the generated SDK and drops the false value (see PFM-6269).
switch markLatest {
case MarkLatestTrue:
args = append(args, "--mark-latest=true")
case MarkLatestFalse:
args = append(args, "--mark-latest=false")
case MarkLatestOnCreate:
// omit the flag → CLI sends no value → server applies its default
}

info, err := att.
Container(0).
WithExec(args, execOpts).
Expand Down Expand Up @@ -699,6 +718,23 @@ const (
OutputFormatJSON OutputFormat = "json"
)

// MarkLatest controls whether a project version is promoted to "latest" during
// attestation init. It is modelled as an enum rather than a *bool because the
// Dagger v0.19.11 SDK collapses *bool parameters to bool and drops the false
// value before it reaches the wire, making the "skip promotion" state
// unreachable (see PFM-6269). A non-empty string survives that check.
type MarkLatest string

const (
// MarkLatestOnCreate keeps the server default: a newly created version
// becomes latest, while existing/pre-release versions are left unchanged.
MarkLatestOnCreate MarkLatest = "ON_CREATE"
// MarkLatestTrue force-promotes a pre-release version to latest.
MarkLatestTrue MarkLatest = "TRUE"
// MarkLatestFalse skips latest promotion, even for newly created versions.
MarkLatestFalse MarkLatest = "FALSE"
)

// Generate, sign and push the attestation to the chainloop control plane
func (att *Attestation) Push(
ctx context.Context,
Expand Down
Loading