GitHub
Dagger provides a number of GitHub-specific features that make it easier to develop and run CI pipelines in GitHub repositories.
- Dagger provides a GitHub Action that can be used in any GitHub Actions workflow to call one or more Dagger Functions on specific events, such as a new commit.
- Dagger supports publishing container images to GitHub Container Registry
- Dagger Functions can directly use GitHub pull requests as arguments.
How it works
GitHub Actions
When running a CI pipeline with Dagger using GitHub Actions, the general workflow looks like this:
- GitHub receives a workflow trigger based on a repository event.
- GitHub begins processing the jobs and steps in the workflow.
- GitHub finds the "Dagger for GitHub" action and passes control to it.
- The "Dagger for GitHub" action calls the Dagger CLI with the specified sub-command, module, function name, and arguments.
- The Dagger CLI attempts to find an existing Dagger Engine or spins up a new one inside the GitHub Actions runner.
- The Dagger CLI executes the specified sub-command and sends telemetry to Dagger Cloud if the
DAGGER_CLOUD_TOKEN
environment variable is set. - The workflow completes with success or failure. Logs appear in GitHub as usual.
GitHub pull requests
GitHub contains a shorthand redirect at the /merge
endpoint that allows you to reference the correct branch of a repository from a pull request (PR), without needing to know anything about the fork or branch where the PR came from.
Prerequisites
- A GitHub repository
Examples
GitHub Actions
The following example demonstrates how to call a Dagger Function in a GitHub Actions workflow.
name: dagger
on:
push:
branches: [main]
jobs:
hello:
name: hello
runs-on: ubuntu-latest
steps:
-
name: Call Dagger Function
uses: dagger/dagger-for-github@v6
with:
version: "latest"
verb: call
module: github.com/shykes/daggerverse/hello@v0.1.2
args: hello --greeting="bonjour" --name="monde"
# assumes the Dagger Cloud token is in
# a repository secret named DAGGER_CLOUD_TOKEN
# set via the GitHub UI/CLI
cloud-token: ${{ secrets.DAGGER_CLOUD_TOKEN }}
The following is a more complex example demonstrating how to create a GitHub Actions workflow that checks out source code, calls a Dagger Function to test the project, and then calls another Dagger Function to build and publish a container image of the project. This example uses a simple Go application and assumes that you have already forked it in your own GitHub repository.
name: dagger
on:
push:
branches: [main]
jobs:
test:
name: test
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
-
name: Test
uses: dagger/dagger-for-github@v6
with:
version: "latest"
verb: call
module: github.com/kpenfound/dagger-modules/golang@v0.2.0
args: test --source=.
# assumes the Dagger Cloud token is in
# a repository secret named DAGGER_CLOUD_TOKEN
# set via the GitHub UI/CLI
cloud-token: ${{ secrets.DAGGER_CLOUD_TOKEN }}
build:
name: build
runs-on: ubuntu-latest
needs: test
steps:
- name: Checkout
uses: actions/checkout@v4
-
name: Call Dagger Function
uses: dagger/dagger-for-github@v6
with:
version: "latest"
verb: call
module: github.com/kpenfound/dagger-modules/golang@v0.2.0
args: build-container --source=. --args=. publish --address=ttl.sh/my-app-$RANDOM
# assumes the Dagger Cloud token is in
# a repository secret named DAGGER_CLOUD_TOKEN
# set via the GitHub UI/CLI
cloud-token: ${{ secrets.DAGGER_CLOUD_TOKEN }}
The following example demonstrates how to use a Dagger Function in a GitHub Actions workflow to publish a container image to GitHub Container Registry.
name: dagger
on:
push:
branches: [main]
jobs:
build-publish:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Call Dagger Function to build and publish to ghcr.io
uses: dagger/dagger-for-github@v6
with:
version: "latest"
verb: call
module: github.com/daggerverse/dagger-ghcr-demo@v0.1.5
args: build-and-push --registry=$DOCKER_REGISTRY --image-name=$DOCKER_IMAGE_NAME --username=$DOCKER_USERNAME --password=env:DOCKER_PASSWORD --build-context=github.com/daggerverse/dagger-ghcr-demo
# assumes the Dagger Cloud token is in
# a repository secret named DAGGER_CLOUD_TOKEN
# set via the GitHub UI/CLI
cloud-token: ${{ secrets.DAGGER_CLOUD_TOKEN }}
env:
DOCKER_REGISTRY: ghcr.io
DOCKER_IMAGE_NAME: ${{ github.repository }}
DOCKER_USERNAME: ${{ github.actor }}
# assumes the container registry password is in
# a repository secret named REGISTRY_PASSWORD
# set via the GitHub UI/CL
DOCKER_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
More information is available in the Dagger for GitHub page.
SSH configuration
When using SSH keys in GitHub Actions, ensure proper SSH agent setup:
- name: Set up SSH
run: |
eval "$(ssh-agent -s)"
ssh-add - <<< '${{ secrets.SSH_PRIVATE_KEY }}'
Replace ${{ secrets.SSH_PRIVATE_KEY }}
with your provider secret containing the private key.
GitHub pull requests
Pull requests as function arguments
By default, the Dagger Directory
type works with both local directories and remote Git repositories. This makes it easy to work with the directory tree at the root of a Git repository or a given branch.
Given a Dagger Function called foo
that accepts a Directory
as argument, you can pass it a GitHub pull request URL as argument like this:
dagger call foo --directory=https://github.com/ORGANIZATION/REPOSITORY#pull/NUMBER/merge
Pull requests as modules
If your GitHub repository contains a Dagger module, you can test the functionality of a specific branch by calling the Dagger module with the corresponding pull request URL, as shown below:
dagger call -m github.com/ORGANIZATION/REPOSITORY@pull/NUMBER/merge --help
Resources
If you have any questions about additional ways to use GitHub with Dagger, join our Discord and ask your questions in our GitHub channel.
About GitHub
GitHub is a popular Web-based platform used for version control and collaboration. It allows developers to store and manage their code in repositories, track changes over time, and collaborate with other developers on projects.