ci: Switch to devbox (#1843)

* ci: Switch to devbox

Signed-off-by: Mikołaj Baranowski <[email protected]>

* fix: Martin's comments

Signed-off-by: Mikołaj Baranowski <[email protected]>

* chore: Addressing Jimmi's comments

Signed-off-by: Mikołaj Baranowski <[email protected]>

* chore: Another round of Jimmi's comments

Signed-off-by: Mikołaj Baranowski <[email protected]>

* chore: Use devbox run

Signed-off-by: Mikołaj Baranowski <[email protected]>

---------

Signed-off-by: Mikołaj Baranowski <[email protected]>

.github/workflows/create-dev-tag.yml

@@ -35,15 +35,21 @@ jobs:
           ref: ${{ matrix.branch }}
           depth: 0
 
-      - name: Setup asdf
-        uses: asdf-vm/actions/setup@v3
+      - name: Install NIX
+        uses: cachix/install-nix-action@v24
+
+      - name: Install devbox
+        uses: jetpack-io/[email protected]
+        with:
+          enable-cache: true
+          skip-nix-installation: true
 
       - name: Generate tag
         run: |
           # Overriding a variable that causes a conflict in legacy
           # versions of gh-dkp
           export GITHUB_REPOSITORY="kommander-applications"
-          OUT=$(make repo.dev.tag)
+          OUT=$(devbox run -- make repo.dev.tag)
           echo "TAG=$(echo ${OUT##* })" >> $GITHUB_ENV
         env:
           GITHUB_TOKEN: ${{ secrets.MESOSPHERECI_USER_TOKEN }}

.github/workflows/flux-update-scheduled-check.yml

@@ -17,13 +17,16 @@ jobs:
         with:
           ssh-private-key: ${{ secrets.PRIVATE_SSH_KEY }}
 
-      - name: Setup asdf
-        uses: asdf-vm/actions/setup@v3
-        env:
-          GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Install NIX
+        uses: cachix/install-nix-action@v24
 
+      - name: Install devbox
+        uses: jetpack-io/[email protected]
+        with:
+          enable-cache: true
+          skip-nix-installation: true
 
       - name: Check for Flux update
         env:
           GH_TOKEN: ${{ secrets.MESOSPHERECI_USER_TOKEN }}
-        run: make KOMMANDER_REPO_PATH=${GITHUB_WORKSPACE}/kommander make flux-update
+        run: devbox run -- "make KOMMANDER_REPO_PATH=${GITHUB_WORKSPACE}/kommander make flux-update"

.github/workflows/lint.yaml

@@ -20,10 +20,16 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
 
-      - name: Install tools
-        uses: asdf-vm/actions/install@v3
+      - name: Install NIX
+        uses: cachix/install-nix-action@v24
+
+      - name: Install devbox
+        uses: jetpack-io/[email protected]
+        with:
+          enable-cache: true
+          skip-nix-installation: true
 
       - name: Run pre-commit
         env:
           MAGEFILE_VERBOSE: true
-        run: ./mage lint:precommit
+        run: devbox run -- ./mage lint:precommit

.github/workflows/manifest-validation.yml

@@ -22,10 +22,14 @@ jobs:
         with:
           ssh-private-key: ${{ secrets.PRIVATE_SSH_KEY }}
 
-      - name: Setup asdf
-        uses: asdf-vm/actions/setup@v3
-        env:
-          GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Install NIX
+        uses: cachix/install-nix-action@v24
+
+      - name: Install devbox
+        uses: jetpack-io/[email protected]
+        with:
+          enable-cache: true
+          skip-nix-installation: true
 
       - name: Run tests
-        run: GOOS=linux GOARCH=amd64 make validate-manifests
+        run: devbox run -- "GOOS=linux GOARCH=amd64 make validate-manifests"

.github/workflows/release.yml

@@ -23,8 +23,14 @@ jobs:
         with:
           ssh-private-key: ${{ secrets.PRIVATE_SSH_KEY }}
 
-      - name: Install asdf & tools
-        uses: asdf-vm/actions/install@v3
+      - name: Install NIX
+        uses: cachix/install-nix-action@v24
+
+      - name: Install devbox
+        uses: jetpack-io/[email protected]
+        with:
+          enable-cache: true
+          skip-nix-installation: true
 
       - name: Configure AWS credentials
         uses: aws-actions/configure-aws-credentials@v4
@@ -42,4 +48,4 @@ jobs:
           DOCKER_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
           SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
           GIT_TAG: ${{ env.GIT_TAG }}
-        run: make release
+        run: devbox run -- make release

.github/workflows/test.yaml

@@ -15,11 +15,17 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
 
-      - name: Setup asdf
-        uses: asdf-vm/actions/setup@v3
+      - name: Install NIX
+        uses: cachix/install-nix-action@v24
+
+      - name: Install devbox
+        uses: jetpack-io/[email protected]
+        with:
+          enable-cache: true
+          skip-nix-installation: true
 
       - name: Run unit tests
-        run: make go-test
+        run: devbox run -- make go-test
 
       - name: Report Coveralls
         uses: coverallsapp/github-action@v2

.github/workflows/update-service-labeler.yaml

@@ -26,8 +26,16 @@ jobs:
           git_user_signingkey: true
           git_commit_gpgsign: true
           git_tag_gpgsign: true
-      - name: Setup asdf
-        uses: asdf-vm/actions/setup@v3
+
+      - name: Install NIX
+        uses: cachix/install-nix-action@v24
+
+      - name: Install devbox
+        uses: jetpack-io/[email protected]
+        with:
+          enable-cache: true
+          skip-nix-installation: true
+
       - name: Update .github/service-labeler.yaml
         run: make workflow-labeler-yaml-update
       - name: Commit and push changes

.github/workflows/validate-licenses.yaml

@@ -22,14 +22,22 @@ jobs:
         with:
           ref: ${{ github.head_ref }}
           fetch-depth: 0
-      - name: Setup asdf
-        uses: asdf-vm/actions/setup@v3
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Install NIX
+        uses: cachix/install-nix-action@v24
+
+      - name: Install devbox
+        uses: jetpack-io/[email protected]
+        with:
+          enable-cache: true
+          skip-nix-installation: true
+
       - name: Generate image list
         run: |
           export PATH=${PWD}/.local/bin:$PATH
-          make install-tool.helm install-tool.go.envsubst install-tool.go.gojq
-          helm plugin install https://github.com/d2iq-labs/helm-list-images
-          ./hack/list-images.sh > images.txt
+          devbox run -- helm plugin install https://github.com/d2iq-labs/helm-list-images
+          devbox run -- ./hack/list-images.sh > images.txt
           echo "printing contents of images.txt"
           cat images.txt
       - name: Update licenses

Makefile

@@ -1,10 +1 @@
 include make/all.mk
-
-# Versions for tools that are not managed by asdf.
-ASDF_VERSION=0.8.1
-DOCKER_VERSION=20.10.7
-
-# Inputs required to build the CI Docker image with a determinstic tag.
-CI_DOCKER_BUILD_ARGS=ASDF_VERSION=$(ASDF_VERSION)\
-		DOCKER_VERSION=$(DOCKER_VERSION)
-CI_DOCKER_EXTRA_FILES=.tool-versions

devbox.json

@@ -0,0 +1,28 @@
+{
+  "packages": {
+    "awscli2":         "latest",
+    "direnv":          "latest",
+    "docker":          "latest",
+    "envsubst":        "latest",
+    "fluxcd":          "latest",
+    "github-cli":      "latest",
+    "gitlint":         "latest",
+    "go":              "1.20",
+    "gojq":            "latest",
+    "golangci-lint":   "latest",
+    "kubernetes-helm": "latest",
+    "kustomize":       "latest",
+    "pre-commit":      "latest",
+    "yq-go":           "latest"
+  },
+  "shell": {
+    "scripts": {
+      "sync-go-version": [
+        "VERSION=$(go mod edit -json hack/release/go.mod | jq -r .Go)",
+        "tmp=$(mktemp)",
+        "jq \".packages.go = \\\"${VERSION}\\\"\" devbox.json > ${tmp}",
+        "mv ${tmp} devbox.json"
+      ]
+    }
+  }
+}