CI/CD
GitHub Actions Workflows
| Workflow | Trigger | Description |
|---|---|---|
build-test.yaml |
PR / push to main | Dagger lint + build + test |
build-scan-image.yaml |
Push to main | ko build + Trivy scan |
release.yaml |
After image build / manual | Semantic release + stage image + push kustomize OCI |
lint-repo.yaml |
PR / push to main | Repository linting |
Dagger Functions
The dagger/ module provides:
| Function | Description |
|---|---|
Lint |
Go linting via golangci-lint |
Build |
Build Go binary |
BuildImage |
Build container image with ko |
ScanImage |
Trivy vulnerability scan |
BuildAndTestBinary |
Build + Redis integration test |
Taskfile
Common tasks available via task:
task lint # Run golangci-lint
task build # Build Go binary
task test # Run tests
task render-manifests # Render KCL manifests
task build-scan-image-ko # Build + scan with ko
Release Process
Releases are automated via semantic-release:
- Push to
maintriggers build + image workflow - On success, release workflow runs semantic-release
- If releasable commits exist, a new version tag is created
- Container image is staged from
:mainto:vX.Y.Z - Kustomize base is pushed as OCI artifact to GHCR