Dagger
Search

fork-audit

Runs against a fork checkout (via umbrella submodule pointer) — external
CI that never adds a byte to the fork's main. Provides drift + license +
MegaLinter + upstream-parity checks.

Umbrella workflow: chirag127/workspace/.github/workflows/fork-ci.yml

Installation

dagger install github.com/chirag127/workflows/dagger/fork-audit@c00f0b78c773ec3d2a9a9e01ac8a93646fe95cfe

Entrypoint

Return Type
ForkAudit
Example
dagger -m github.com/chirag127/workflows/dagger/fork-audit@c00f0b78c773ec3d2a9a9e01ac8a93646fe95cfe call \
func (m *MyModule) Example() *dagger.ForkAudit  {
	return dag.
			Forkaudit()
}
@function
def example() -> dagger.ForkAudit:
	return (
		dag.fork_audit()
	)
@func()
example(): ForkAudit {
	return dag
		.forkAudit()
}

Types

ForkAudit 🔗

driftCheck() 🔗

Confirm the fork tree is byte-identical to upstream/main per no-fork-divergence. Requires the fork checkout to have upstream configured; fork-ci.yml sets it up.

Return Type
String !
Arguments
NameTypeDefault ValueDescription
sourceDirectory !-No description provided
Example
dagger -m github.com/chirag127/workflows/dagger/fork-audit@c00f0b78c773ec3d2a9a9e01ac8a93646fe95cfe call \
 drift-check --source DIR_PATH
func (m *MyModule) Example(ctx context.Context, source *dagger.Directory) string  {
	return dag.
			Forkaudit().
			Driftcheck(ctx, source)
}
@function
async def example(source: dagger.Directory) -> str:
	return await (
		dag.fork_audit()
		.driftcheck(source)
	)
@func()
async example(source: Directory): Promise<string> {
	return dag
		.forkAudit()
		.driftCheck(source)
}

megalint() 🔗

MegaLinter security-only pass against the fork tree. Advisory: any finding posts a status but doesn’t gate our commit-status back to the fork.

Return Type
String !
Arguments
NameTypeDefault ValueDescription
sourceDirectory !-No description provided
Example
dagger -m github.com/chirag127/workflows/dagger/fork-audit@c00f0b78c773ec3d2a9a9e01ac8a93646fe95cfe call \
 megalint --source DIR_PATH
func (m *MyModule) Example(ctx context.Context, source *dagger.Directory) string  {
	return dag.
			Forkaudit().
			Megalint(ctx, source)
}
@function
async def example(source: dagger.Directory) -> str:
	return await (
		dag.fork_audit()
		.megalint(source)
	)
@func()
async example(source: Directory): Promise<string> {
	return dag
		.forkAudit()
		.megalint(source)
}

licenseCheck() 🔗

License audit — the fork must ship the upstream LICENSE unchanged.

Return Type
String !
Arguments
NameTypeDefault ValueDescription
sourceDirectory !-No description provided
Example
dagger -m github.com/chirag127/workflows/dagger/fork-audit@c00f0b78c773ec3d2a9a9e01ac8a93646fe95cfe call \
 license-check --source DIR_PATH
func (m *MyModule) Example(ctx context.Context, source *dagger.Directory) string  {
	return dag.
			Forkaudit().
			Licensecheck(ctx, source)
}
@function
async def example(source: dagger.Directory) -> str:
	return await (
		dag.fork_audit()
		.licensecheck(source)
	)
@func()
async example(source: Directory): Promise<string> {
	return dag
		.forkAudit()
		.licenseCheck(source)
}

ci() 🔗

Full audit: drift + license + megalint. Any single failure fails the audit.

Return Type
String !
Arguments
NameTypeDefault ValueDescription
sourceDirectory !-No description provided
Example
dagger -m github.com/chirag127/workflows/dagger/fork-audit@c00f0b78c773ec3d2a9a9e01ac8a93646fe95cfe call \
 ci --source DIR_PATH
func (m *MyModule) Example(ctx context.Context, source *dagger.Directory) string  {
	return dag.
			Forkaudit().
			Ci(ctx, source)
}
@function
async def example(source: dagger.Directory) -> str:
	return await (
		dag.fork_audit()
		.ci(source)
	)
@func()
async example(source: Directory): Promise<string> {
	return dag
		.forkAudit()
		.ci(source)
}