Use synergy/harmony to setup tools

Author: krostar

.envrc

@@ -1 +1,10 @@
-use flake
+#!/usr/bin/env bash
+
+if type -P lorri &>/dev/null; then
+  eval "$(lorri direnv)"
+elif type -v nix &>/dev/null; then
+  use flake .
+else
+  echo "The shell is set up via Nix, but it seems it is not installed."
+  echo "Please setup your shell manually following README's instructions."
+fi

.github/dependabot.yml

@@ -15,5 +15,3 @@ updates:
       interval: "monthly"
       day: "saturday"
     open-pull-requests-limit: 1
-
-...

.github/workflows/ci.yml

@@ -2,35 +2,73 @@
 
 name: "CI"
 on:
-  workflow_dispatch: {}
   push:
     branches: ["main"]
   pull_request:
     branches: ["main"]
-
 jobs:
-  tests:
+  check-quality:
     runs-on: "ubuntu-latest"
     steps:
-      - uses: "cachix/install-nix-action@v25"
+      # setup
+      - uses: "webfactory/[email protected]"
+        with:
+          ssh-private-key: "${{ secrets.SSH_PRIVATE_KEY }}"
+      - uses: "actions/checkout@v4"
+      - uses: "DeterminateSystems/nix-installer-action@v16"
         with:
-          nix_path: "nixpkgs=channel:nixpkgs-unstable"
-      - uses: "actions/checkout@v3"
-      - name: "Print installed nixpkgs version"
-        run: "nix-instantiate --eval -E '(import <nixpkgs> {}).lib.version'"
+          diagnostic-endpoint: ""
+      - uses: "DeterminateSystems/magic-nix-cache-action@v8"
+        with:
+          diagnostic-endpoint: ""
       - name: "Print flake metadata"
         run: "nix flake metadata"
+      - uses: "DeterminateSystems/flake-checker-action@v9"
+        with:
+          fail-mode: true
+          ignore-missing-flake-lock: false
+          nixpkgs-keys: "nixpkgs"
+          send-statistics: false
       - name: "Setup shell"
         run: "nix develop --command true"
+
+      # tests
+      - name: "Flake check"
+        run: "nix flake check --all-systems --print-build-logs"
+
+      - name: "Files respect Editorconfig configuration"
+        run: "nix develop --command editorconfig-checker"
+
+      - name: "Files respect treefmt format"
+        run: |
+          # we need to explicitly add all formatters except cue
+          # this is due to cue re-generating files, which would cause --fail-on-change to fail.
+          nix develop --command           \
+            treefmt                       \
+              --no-cache --fail-on-change \
+              --formatters alejandra      \
+              --formatters gci            \
+              --formatters gofumpt        \
+              --formatters goimports      \
+              --formatters jsonfmt        \
+              --formatters mdsh           \
+              --formatters shfmt          \
+              --formatters yamlfmt
+
       - name: "Run go unit tests"
         run: "nix develop --command go test -v -race -count=1 ./..."
-      - name: "Lint nix files"
-        run: "nix develop --command ./scripts/lint-nix.sh"
-      - name: "Lint go files"
-        run: "nix develop --command ./scripts/lint-go.sh"
-      - name: "Lint shell files"
-        run: "nix develop --command shellcheck **/*.sh"
-      - name: "Lint yaml files"
-        run: "nix develop --command yamllint --config-file .yamllint.yml ."
-
-...
+
+      - name: "Lint Github Actions"
+        run: "nix develop --command lint-ghaction"
+
+      - name: "Lint Shell scripts"
+        run: "nix develop --command lint-sh"
+
+      - name: "Lint Yaml configurations files"
+        run: "nix develop --command lint-yaml"
+
+      - name: "Lint Go code"
+        run: "nix develop --command lint-go"
+
+      - name: "Lint Nix code"
+        run: "nix develop --command lint-nix"

.gitignore

@@ -1 +1,5 @@
 /.direnv
+/result
+
+# nixago: ignore-linked-files
+/.editorconfig