Skip to content

feat: add Licensei #4289

feat: add Licensei

feat: add Licensei #4289

Workflow file for this run

name: CI
on:
push:
branches: [main]
pull_request:
permissions:
contents: read
env:
DAGGER_VERSION: 0.13.1
jobs:
build:
name: Build
runs-on: depot-ubuntu-latest-8
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Set up Nix
uses: cachix/install-nix-action@3715ab1a11cac9e991980d7b4a28d80c7ebdd8f9 # v27
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Set up magic Nix cache
uses: DeterminateSystems/magic-nix-cache-action@87b14cf437d03d37989d87f0fa5ce4f5dc1a330b # v8
- name: Prepare Nix shell
run: nix develop --impure .#ci
- name: Build Server
run: nix develop --impure .#ci -c make build-server
- name: Build Sink Worker
run: nix develop --impure .#ci -c make build-sink-worker
test:
name: Test
runs-on: depot-ubuntu-latest-8
steps:
# Required as a workaround for Dagger to properly detect Git metadata
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Run pipeline
uses: dagger/dagger-for-github@e49f5bfe7f9a3593f38b9d7391f110d6dff48f94 # v6.8.0
with:
verb: call
args: test
cloud-token: ${{ secrets.DAGGER_CLOUD_TOKEN }}
version: ${{ env.DAGGER_VERSION }}
- name: Export Dagger Engine logs
id: export-dagger-engine-logs
run: docker logs $(docker container list --all --filter 'name=^dagger-engine-*' --format '{{.Names}}') > engine.stdout.log 2> engine.stderr.log
if: always()
continue-on-error: true
- name: Upload Dagger Engine logs as artifact
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
if: always() && steps.export-dagger-engine-logs.outcome == 'success'
with:
name: "[${{ github.job }}] Dagger Engine logs"
path: |
engine.stdout.log
engine.stderr.log
retention-days: 14
migrations:
name: Migration Checks
runs-on: depot-ubuntu-latest-8
steps:
# Required as a workaround for Dagger to properly detect Git metadata
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0 # Needed to compare against base branch
- name: Run pipeline
uses: dagger/dagger-for-github@e49f5bfe7f9a3593f38b9d7391f110d6dff48f94 # v6.8.0
with:
verb: call
args: migrate check
cloud-token: ${{ secrets.DAGGER_CLOUD_TOKEN }}
version: ${{ env.DAGGER_VERSION }}
- name: Export Dagger Engine logs
id: export-dagger-engine-logs
run: docker logs $(docker container list --all --filter 'name=^dagger-engine-*' --format '{{.Names}}') > engine.stdout.log 2> engine.stderr.log
if: always()
continue-on-error: true
- name: Upload Dagger Engine logs as artifact
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
if: always() && steps.export-dagger-engine-logs.outcome == 'success'
with:
name: "[${{ github.job }}] Dagger Engine logs"
path: |
engine.stdout.log
engine.stderr.log
retention-days: 14
lint:
name: Lint
runs-on: depot-ubuntu-latest-8
steps:
# Required as a workaround for Dagger to properly detect Git metadata
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Run pipeline
uses: dagger/dagger-for-github@e49f5bfe7f9a3593f38b9d7391f110d6dff48f94 # v6.8.0
with:
verb: call
args: lint all
cloud-token: ${{ secrets.DAGGER_CLOUD_TOKEN }}
version: ${{ env.DAGGER_VERSION }}
- name: Export Dagger Engine logs
id: export-dagger-engine-logs
run: docker logs $(docker container list --all --filter 'name=^dagger-engine-*' --format '{{.Names}}') > engine.stdout.log 2> engine.stderr.log
if: always()
continue-on-error: true
- name: Upload Dagger Engine logs as artifact
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
if: always() && steps.export-dagger-engine-logs.outcome == 'success'
with:
name: "[${{ github.job }}] Dagger Engine logs"
path: |
engine.stdout.log
engine.stderr.log
retention-days: 14
commit-hooks:
name: Commit hooks
runs-on: depot-ubuntu-latest-4
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: Set up Nix
uses: cachix/install-nix-action@3715ab1a11cac9e991980d7b4a28d80c7ebdd8f9 # v27
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Set up magic Nix cache
uses: DeterminateSystems/magic-nix-cache-action@87b14cf437d03d37989d87f0fa5ce4f5dc1a330b # v8
- name: Prepare Nix shell
run: nix develop --impure .#ci
- name: Pre-commit hooks
run: nix develop --impure .#ci -c pre-commit run -a
- name: Check commit messages
run: nix develop --impure .#ci -c pre-commit run --hook-stage manual
license-check:
name: License check
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- name: Set up Nix
uses: cachix/install-nix-action@8887e596b4ee1134dae06b98d573bd674693f47c # v26
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Set up magic Nix cache
uses: DeterminateSystems/magic-nix-cache-action@eeabdb06718ac63a7021c6132129679a8e22d0c7 # v3
- name: Cache license information
uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1
with:
path: .licensei.cache
key: licensei-v1-${{ github.ref_name }}-${{ hashFiles('go.sum') }}
restore-keys: |
licensei-v1-${{ github.ref_name }}
licensei-v1-main
licensei-v1
- name: Prepare Nix shell
run: nix develop --impure .#ci
- name: Populate license cache
run: nix develop --impure .#ci -c licensei cache
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Check licenses
run: nix develop --impure .#ci -c make license-check
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
dev:
name: Developer environment
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Set up Nix
uses: cachix/install-nix-action@3715ab1a11cac9e991980d7b4a28d80c7ebdd8f9 # v27
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Set up magic Nix cache
uses: DeterminateSystems/magic-nix-cache-action@87b14cf437d03d37989d87f0fa5ce4f5dc1a330b # v8
- name: Check
run: nix flake check --impure
- name: Dev shell
run: nix develop --impure
artifacts:
name: Artifacts
uses: ./.github/workflows/artifacts.yaml
with:
publish: ${{ github.event_name == 'push' }}
permissions:
contents: read
packages: write
id-token: write
security-events: write
dependency-review:
name: Dependency review
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Dependency Review
uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
fossa-scan:
name: FOSSA Scan
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Run FOSSA Scan
uses: fossas/fossa-action@09bcf127dc0ccb4b5a023f6f906728878e8610ba # v1.4.0
with:
api-key: ${{secrets.FOSSA_API_KEY}}
quickstart:
name: Quickstart
runs-on: depot-ubuntu-latest-8
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Launch Docker Compose
run: docker compose -f docker-compose.yaml -f docker-compose.ci.yaml up -d
working-directory: quickstart
- name: Wait for worker to become ready
run: curl --retry 10 --retry-max-time 120 --retry-all-errors http://localhost:10000/healthz
- name: Run tests
uses: dagger/dagger-for-github@e49f5bfe7f9a3593f38b9d7391f110d6dff48f94 # v6.8.0
with:
verb: call
args: --source .:default quickstart-test --service tcp://localhost:8888 --port 8888
cloud-token: ${{ secrets.DAGGER_CLOUD_TOKEN }}
version: ${{ env.DAGGER_VERSION }}
- name: Export Container Logs
id: export-container-logs
run: docker logs $(docker container list --all --filter 'name=^*-openmeter-*' --format '{{.Names}}') > container.stdout.log 2> container.stderr.log
if: always()
continue-on-error: true
- name: Upload Container logs as artifact
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
if: always() && steps.export-container-logs.outcome == 'success'
with:
name: "[${{ github.job }}] Container logs"
path: |
container.stdout.log
container.stderr.log
retention-days: 14
- name: Cleanup Docker Compose
run: docker compose -f docker-compose.yaml -f docker-compose.ci.yaml down -v
working-directory: quickstart
if: always()
e2e:
name: E2E
runs-on: depot-ubuntu-latest-16
steps:
# Required as a workaround for Dagger to properly detect Git metadata
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Run pipeline
uses: dagger/dagger-for-github@e49f5bfe7f9a3593f38b9d7391f110d6dff48f94 # v6.8.0
with:
verb: call
args: etoe
cloud-token: ${{ secrets.DAGGER_CLOUD_TOKEN }}
version: ${{ env.DAGGER_VERSION }}
- name: Export Dagger Engine logs
id: export-dagger-engine-logs
run: docker logs $(docker container list --all --filter 'name=^dagger-engine-*' --format '{{.Names}}') > engine.stdout.log 2> engine.stderr.log
if: always()
continue-on-error: true
- name: Upload Dagger Engine logs as artifact
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
if: always() && steps.export-dagger-engine-logs.outcome == 'success'
with:
name: "[${{ github.job }}] Dagger Engine logs"
path: |
engine.stdout.log
engine.stderr.log
retention-days: 14
dagger:
name: CI
runs-on: depot-ubuntu-latest-16
steps:
# Required as a workaround for Dagger to properly detect Git metadata
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Run pipeline
uses: dagger/dagger-for-github@e49f5bfe7f9a3593f38b9d7391f110d6dff48f94 # v6.8.0
with:
verb: call
args: ci
cloud-token: ${{ secrets.DAGGER_CLOUD_TOKEN }}
version: ${{ env.DAGGER_VERSION }}
- name: Export Dagger Engine logs
id: export-dagger-engine-logs
run: docker logs $(docker container list --all --filter 'name=^dagger-engine-*' --format '{{.Names}}') > engine.stdout.log 2> engine.stderr.log
if: always()
continue-on-error: true
- name: Upload Dagger Engine logs as artifact
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
if: always() && steps.export-dagger-engine-logs.outcome == 'success'
with:
name: "[${{ github.job }}] Dagger Engine logs"
path: |
engine.stdout.log
engine.stderr.log
retention-days: 14