ci: initial switch to using dagger within github workflows (#151)

purpleclay · Jun 23, 2024 · ca30fed · ca30fed
1 parent e99e649
commit ca30fed
Show file tree

Hide file tree

Showing 9 changed files with 71 additions and 55 deletions.
diff --git a/.deepsource.toml b/.deepsource.toml
@@ -1,15 +1,13 @@
 version = 1
 
-test_patterns = [
-  "**/*_test.go"
-]
+test_patterns = ["**/*_test.go"]
 
 [[analyzers]]
 name = "go"
 enabled = true
 
-    [analyzers.meta]
-    import_root = "github.com/purpleclay/nsv"
+[analyzers.meta]
+import_root = "github.com/purpleclay/gitz"
 
 [[analyzers]]
 name = "secrets"

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
diff --git a/.github/renovate.json b/.github/renovate.json
@@ -0,0 +1,4 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": ["github>purpleclay/renovate-config"]
+}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -19,30 +19,26 @@ permissions:
   contents: read
 
 jobs:
-  # By splitting testing into its own job will ensure the needs: clause for
-  # static-analysis runs without waiting on the entire matrix. Jobs that run
-  # against macos and windows are considerably slower
   test:
     uses: purpleclay/github/.github/workflows/go-test.yml@main
-    with:
-      go-version: ${{ vars.GO_VERSION }}
-    secrets:
-      github-token: ${{ secrets.GITHUB_TOKEN }}
-
-  test-by-os:
-    if: "!startsWith(github.ref, 'refs/tags/')"
     strategy:
       matrix:
-        os: [macos-latest, windows-latest]
-    uses: purpleclay/github/.github/workflows/go-test.yml@main
+        os: [ubuntu-24.04, macos-14, windows-2022]
     with:
-      os: ${{ matrix.os }}
       go-version: ${{ vars.GO_VERSION }}
     secrets:
       github-token: ${{ secrets.GITHUB_TOKEN }}
 
   lint:
-    uses: purpleclay/github/.github/workflows/golangci-lint.yml@main
-    with:
-      version: ${{ vars.GOLANGCI_LINT_VERSION }}
-      go-version: ${{ vars.GO_VERSION }}
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: golangci-lint
+        uses: dagger/dagger-for-github@v5
+        with:
+          verb: call
+          module: github.com/purpleclay/daggerverse/golang
+          args: --src . lint
+          cloud-token: ${{ secrets.DAGGER_CLOUD_TOKEN }}
diff --git a/.github/workflows/nsv.yml b/.github/workflows/nsv.yml
@@ -4,7 +4,7 @@ on:
 
 jobs:
   nsv:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     permissions:
       contents: write
     steps:
@@ -15,10 +15,13 @@ jobs:
           token: ${{ secrets.GH_NSV }}
 
       - name: Tag
-        uses: purpleclay/nsv-action@v1
-        with:
-          token: ${{ secrets.GH_NSV }}
+        uses: dagger/dagger-for-github@v5
         env:
+          # skipcq: SCT-A000
           GPG_PRIVATE_KEY: "${{ secrets.GPG_PRIVATE_KEY }}"
           GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}"
-          GPG_TRUST_LEVEL: "${{ secrets.GPG_TRUST_LEVEL }}"
+        with:
+          verb: call
+          module: github.com/purpleclay/daggerverse/[email protected]
+          args: --src . tag --show --gpg-private-key env:GPG_PRIVATE_KEY --gpg-passphrase env:GPG_PASSPHRASE
+          cloud-token: ${{ secrets.DAGGER_CLOUD_TOKEN }}
diff --git a/.gitignore b/.gitignore
@@ -13,7 +13,7 @@
 !LICENSE
 !mkdocs.yml
 !README.md
-!Taskfile.yaml
+!taskfile.yaml
 !docs/**/*
 
 # Allow Nix files

diff --git a/Taskfile.yaml b/Taskfile.yaml
@@ -1,5 +1,8 @@
 version: "3"
 
+vars:
+  GOLANG_DAGGER: "github.com/purpleclay/daggerverse/[email protected]"
+
 tasks:
   default:
     desc: Runs all of the default tasks
@@ -47,9 +50,16 @@ tasks:
     vars:
       REPORT_FORMAT: '{{default "colored-line-number" .REPORT_FORMAT}}'
     cmds:
-      - golangci-lint run --timeout 5m0s --out-format {{.REPORT_FORMAT}}
+      - dagger call -m {{.GOLANG_DAGGER}} --src . lint --format {{.REPORT_FORMAT}}
 
   format:
     desc: Format the code using gofumpt
     cmds:
-      - gofumpt -w -l .
+      - dagger call -m {{.GOLANG_DAGGER}} --src . format export --path .
+
+  docs:
+    desc: Builds and hosts the MkDocs documentation
+    vars:
+      MKDOCS_MATERIAL_VERSION: '{{default "9.5.26-insiders-4.53.11" .MKDOCS_MATERIAL_VERSION}}'
+    cmds:
+      - docker run --rm -it -p 8000:8000 -v $PWD:/docs ghcr.io/purpleclay/mkdocs-material-insiders:{{.MKDOCS_MATERIAL_VERSION}}
diff --git a/flake.lock b/flake.lock
diff --git a/flake.nix b/flake.nix
@@ -4,9 +4,16 @@
   inputs = {
     nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
     flake-utils.url = "github:numtide/flake-utils";
+
+    dagger = {
+      url = "github:dagger/nix";
+      inputs = {
+        nixpkgs.follows = "nixpkgs";
+      };
+    };
   };
 
-  outputs = { self, nixpkgs, flake-utils }:
+  outputs = { self, nixpkgs, flake-utils, dagger }:
     flake-utils.lib.eachDefaultSystem (system:
       let
         pkgs = nixpkgs.legacyPackages.${system};
@@ -15,10 +22,9 @@
       {
         devShells.default = mkShell {
           buildInputs = [
+            dagger.packages.${system}.dagger
             git
             go
-            gofumpt
-            golangci-lint
             go-task
           ];
         };