We use cookies to understand how people use Depot.
← All Posts

Now available: A Dagger module for Depot

Written by
kyle
Kyle Galbraith
Published on
18 December 2023
We're excited to announce that we've released a Dagger module for Depot. You can use it to offload any build or bake operation to Depot and use the built image in your Dagger pipeline via our ephemeral registry.
Now available: A Dagger module for Depot banner

We've released a Depot module for the upcoming Daggerverse project that the team at Dagger is working on 🎉

The module lets you offload any build or bake operation to Depot and use the resulting image in your Dagger module or pipeline. The power of Depot combined with Dagger modules unlocks a lot of exciting use cases that will be incredibly valuable in the future as Dagger adoption continues to ramp up.

How it works

The Daggerverse is a collection of modules for various CI/CD use cases built by the community and the team at Dagger. We've launched our own Depot module that is a daggerized version of our existing depot build and depot bake commands.

We can create a very simple Dockerfile to demonstrate the power of Dagger with Depot:

FROM cgr.dev/chainguard/node:latest
ENTRYPOINT ["echo", "chainguard node"]

You can leverage the module in your Dagger setup in two ways. The first is to invoke the module directly from the Dagger CLI:

dagger call -m github.com/depot/daggerverse/depot \
  build --token <depot-token> --project <depot-project> --directory . container

The CLI here invokes the build command inside the Depot module, passing in the usual required flags for the depot build command. The module will then build and return the image via our ephemeral registry by default. Given our basic Dockerfile above, we can see the module in action:

The second way to use the module is to leverage it in your own Dagger module. Currently, Dagger supports developing modules in Python and Go, with other languages on the way. To get started with a Dagger module, we recommend following the Dagger module quickstart as the project is still in an early state.

Here is an example of a Dagger module that uses the Depot module inside:

package main
 
import (
  "context"
)
 
type DaggerModuleTest struct{}
 
func (m *DaggerModuleTest) CheckCVEs(ctx context.Context, depotToken *Secret, project string, directory *Directory) (string, error) {
  artifact := dag.Depot().Build(depotToken, project, directory, DepotBuildOpts{Sbom: true})
  sbomFile := artifact.Sbom()
  return dag.
    Container().
    From("anchore/grype:latest").
    WithFile("/mnt/sbom.spdx.json", sbomFile).
    WithExec([]string{"sbom:/mnt/sbom.spdx.json", "--fail-on=high"}).
    Stdout(ctx)
}

This example shows the additional power you get when you combine Depot for the image build with the ability to chain modules and functions in Dagger. This DaggerModuleTest module exposes a function, CheckCVEs, that builds the image via the Depot module, asking for an SBOM to be generated, and then runs Grype on the resulting bill of materials, failing the build if any high severity CVEs are found.

From within the new module DaggerModuleTest, we can call the CheckCVEs function via the Dagger CLI:

dagger call checkCves \
  --depot-token <depot-token> \
  --project <depot-project> \
  --directory .

Here is what the output of this module looks like when run in Dagger:

Dagger module check CVEs passed

We see that our build didn't fail because we don't have any high-severity CVEs in our base image, but if we were to change the base image to something like node:16-alpine, we would see the build fail:

Dagger module check CVEs failed

What's next

We're excited to see what the community does with the new Depot module for Dagger! There are quite a few exciting new use cases that combining Depot with Dagger unlocks, and we can't wait to see what you build.

We will be exploring new modules we can build for the Daggerverse that allow you to codify more of your CI/CD pipeline in Dagger, while combining the features of Depot to make your CI/CD pipeline faster and more efficient. You can stay tuned on those ideas in our Discord Community.

Build Docker containers 40x faster
Get started for free →