diff --git a/AGENTS.md b/AGENTS.md index c8861d8..c6e0fad 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -107,9 +107,9 @@ just test # Run the unit test suite (auto-runs `go generate` first). just check # A convenient alias for fmt + lint + test. ``` -### 4.2. Pre-commit Hooks +### 4.2. Prek Hooks -This repository uses **pre-commit** to automate quality checks before each commit. +This repository uses **prek** to automate quality checks before each commit. The hooks are configured in `.pre-commit-config.yaml` to run `just fmt`, `just lint`, and `just test`. If any of the hooks fail, the commit will not be created. diff --git a/docs/TROUBLESHOOTING.md b/docs/TROUBLESHOOTING.md index 81141e8..482b8fa 100644 --- a/docs/TROUBLESHOOTING.md +++ b/docs/TROUBLESHOOTING.md @@ -12,5 +12,5 @@ **Problem**: Tests failing with "command not found" - **Solution**: Enter Nix shell with `nix develop` or `direnv allow`. All dev tools are provided by the flake. -**Problem**: Pre-commit hooks not running -- **Solution**: Run `pre-commit install` to install git hooks, then `pre-commit run -a` to test all files. +**Problem**: Prek hooks not running +- **Solution**: Run `prek install` to install git hooks, then `prek run -a` to test all files. diff --git a/flake.lock b/flake.lock index d3ce5d6..142f2e8 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,21 @@ { "nodes": { + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1767039857, + "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=", + "owner": "NixOS", + "repo": "flake-compat", + "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "flake-compat", + "type": "github" + } + }, "flake-utils": { "inputs": { "systems": "systems" @@ -18,34 +34,117 @@ "type": "github" } }, + "flake-utils_2": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "git-hooks": { + "inputs": { + "flake-compat": "flake-compat", + "gitignore": "gitignore", + "nixpkgs": [ + "go-overlay", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1778507602, + "narHash": "sha256-kTwur1wV+01SdqskVMSo6JMEpg71ps3HpbFY2GsflKs=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "61ab0e80d9c7ab14c256b5b453d8b3fb0189ba0a", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "go-overlay", + "git-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "go-overlay": { + "inputs": { + "flake-utils": "flake-utils_2", + "git-hooks": "git-hooks", + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1781844949, + "narHash": "sha256-UyfsHNsFw1SbPXD4nkpUbrt78YP2Rg6prle6BQw0/ZA=", + "owner": "purpleclay", + "repo": "go-overlay", + "rev": "049f906b44c05df13cc7294c509afb42cd616fb1", + "type": "github" + }, + "original": { + "owner": "purpleclay", + "repo": "go-overlay", + "type": "github" + } + }, "nixpkgs": { "locked": { - "lastModified": 1781607440, - "narHash": "sha256-rxO+uc/KFbSJp+pgyXRuAX6QlG9hJdnt0BXpEQRXY+U=", - "owner": "NixOS", + "lastModified": 1778869304, + "narHash": "sha256-30sZNZoA1cqF5JNO9fVX+wgiQYjB7HJqqJ4ztCDeBZE=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "3e41b24abd260e8f71dbe2f5737d24122f972158", + "rev": "d233902339c02a9c334e7e593de68855ad26c4cb", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", + "owner": "nixos", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs-25-11": { + "nixpkgs_2": { "locked": { - "lastModified": 1781509190, - "narHash": "sha256-uJZs9Di8I6ciTp6jiojj0HzlNpBkud8ax5aT/O5aJkw=", + "lastModified": 1781607440, + "narHash": "sha256-rxO+uc/KFbSJp+pgyXRuAX6QlG9hJdnt0BXpEQRXY+U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d6df3513510aa548c83868fd22bfddd0a8c0a0d4", + "rev": "3e41b24abd260e8f71dbe2f5737d24122f972158", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-25.11", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } @@ -53,8 +152,8 @@ "root": { "inputs": { "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs", - "nixpkgs-25-11": "nixpkgs-25-11" + "go-overlay": "go-overlay", + "nixpkgs": "nixpkgs_2" } }, "systems": { @@ -71,6 +170,21 @@ "repo": "default", "type": "github" } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index b50ae00..f66f2b5 100644 --- a/flake.nix +++ b/flake.nix @@ -1,14 +1,14 @@ { inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; - nixpkgs-25-11.url = "github:NixOS/nixpkgs/nixos-25.11"; + go-overlay.url = "github:purpleclay/go-overlay"; flake-utils.url = "github:numtide/flake-utils"; }; outputs = { self, nixpkgs, - nixpkgs-25-11, + go-overlay, flake-utils, }: let @@ -19,14 +19,13 @@ else prev.callPackage ./package.nix { }; }; - useLatestGoVersion = - final: prev: - let - nixpkgs = import nixpkgs-25-11 { inherit (prev) system; }; - in - { - go_1_26 = nixpkgs.go_1_26; - }; + useLatestGoVersion = final: prev: { + go_latest = final.go-bin.latestStable; + # Use buildPackages so the Go toolchain runs on the build platform while + # still cross-compiling for the target (matches nixpkgs' buildGo*Module), + # otherwise cross builds pick the target-arch Go binary and fail to exec. + buildGoLatestModule = prev.buildGoLatestModule.override { go = final.buildPackages.go-bin.latestStable; }; + }; flake = flake-utils.lib.eachDefaultSystem ( system: let @@ -35,6 +34,7 @@ config.allowUnfree = true; overlays = [ self.overlays.default + go-overlay.overlays.default useLatestGoVersion ]; }; @@ -51,19 +51,19 @@ mkShell { packages = [ ginkgo - go_1_26 + go_latest govulncheck gofumpt golangci-lint just mockgen nix-prefetch-docker - pre-commit + prek skopeo sd ]; shellHook = '' - pre-commit install + prek install ''; }; diff --git a/justfile b/justfile index b2f8b21..6806330 100644 --- a/justfile +++ b/justfile @@ -39,7 +39,7 @@ update: nix develop --command go get -u -t -v ./... nix develop --command go mod tidy nix develop --command just rehash-package-nix - nix develop --command pre-commit autoupdate + nix develop --command prek autoupdate nix develop --command just update-base-images # Re-calculate the vendorHash from the package.nix diff --git a/package.nix b/package.nix index 4a4c610..2a00ec8 100644 --- a/package.nix +++ b/package.nix @@ -1,5 +1,5 @@ -{ buildGo126Module, versionCheckHook }: -buildGo126Module (finalAttrs: { +{ buildGoLatestModule, versionCheckHook }: +buildGoLatestModule (finalAttrs: { pname = "sysdig-mcp-server"; version = "3.0.0"; src = ./.;