Don't unlazy the build

.github/actions/setup-tracing/action.yml

@@ -0,0 +1,16 @@
+outputs:
+  tracing-id:
+    description: ID of the running otel collector container
+    value: ${{ steps.setup.outputs.tracing-id }}
+  traces-path:
+    description: Path where traces are output
+    value: ${{ steps.setup.outputs.traces-path }}
+
+name: setup-tracing
+runs:
+  using: 'composite'
+  steps:
+    - name: Setup
+      id: setup
+      shell: bash
+      run: .github/actions/setup-tracing/setup.sh

.github/actions/setup-tracing/setup.sh

@@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+
+set -eu -o pipefail
+
+# Use the bake target for the image
+# This makes it so dependabot can automatically update the image for us.
+# OTEL_COLLECTOR_REF is read in the bake file to set the image tag for the otel-collector image.
+export OTEL_COLLECTOR_REF=local/ci/otel-collector:latest 
+docker buildx bake otel-collector
+
+TRACES_PATH="$(mktemp -d)"
+chmod 777 "${TRACES_PATH}" # otel container runs as non-root
+
+id="$(docker run -d \
+		--mount "type=bind,source=$(pwd)/.github/workflows/otel-config.yml,target=/etc/otelcol-contrib/config.yaml" \
+		--mount "type=bind,source=${TRACES_PATH},target=/data" \
+		--net=host \
+		--restart=always \
+		${OTEL_COLLECTOR_REF} \
+			--config file:/etc/otelcol-contrib/config.yaml)"
+
+echo "traces-path=${TRACES_PATH}" >> "${GITHUB_OUTPUT}"
+echo "tracing-id=${id}" >> "${GITHUB_OUTPUT}"
+
+docker0_ip="$(ip -f inet addr show docker0 | grep -Po 'inet \K[\d.]+')"
+OTEL_EXPORTER_OTLP_ENDPOINT="http://${docker0_ip}:4318"
+echo "OTEL_EXPORTER_OTLP_ENDPOINT=${OTEL_EXPORTER_OTLP_ENDPOINT}" >> "${GITHUB_ENV}"
+
+OTEL_SERVICE_NAME="dalec-integration-test"
+echo "OTEL_SERVICE_NAME=${OTEL_SERVICE_NAME}" >> "${GITHUB_ENV}"
+
+OTEL_EXPORTER_OTLP_PROTOCOL=http/protobuf
+echo "OTEL_EXPORTER_OTLP_PROTOCOL=${OTEL_EXPORTER_OTLP_PROTOCOL}" >> "${GITHUB_ENV}"
+
+tmp="$(mktemp)"
+echo "[Service]" > "${tmp}"
+echo "Environment=\"OTEL_EXPORTER_OTLP_ENDPOINT=${OTEL_EXPORTER_OTLP_ENDPOINT}\"" >> "${tmp}"
+echo "Environment=\"OTEL_EXPORTER_OTLP_PROTOCOL=${OTEL_EXPORTER_OTLP_PROTOCOL}\"" >> "${tmp}"
+
+sudo mkdir -p /etc/systemd/system/docker.service.d
+sudo mkdir -p /etc/systemd/system/containerd.service.d
+sudo cp "${tmp}" /etc/systemd/system/docker.service.d/otlp.conf
+sudo cp "${tmp}" /etc/systemd/system/containerd.service.d/otlp.conf
+
+sudo systemctl daemon-reload
+sudo systemctl restart containerd
+sudo systemctl restart docker

.github/actions/teardown-tracing/action.yml

@@ -0,0 +1,27 @@
+inputs:
+  artifact-name:
+    description: Name to use when uploading tracing artifacts
+    required: true
+  tracing-id:
+    description: tracing-id that was output by the setup-tracing action.
+    required: true
+  traces-path:
+    description: Path to the trace artifacts. This should be output from the setup-tracing action
+    required: true
+
+name: teardown-tracing
+runs:
+  using: 'composite'
+  steps:
+    - name: Shutdown trace collector
+      shell: bash
+      run: docker stop "${{ inputs.tracing-id }}"
+    - name: Fix perms
+      shell: bash
+      run: sudo chown -R $(id -u) "${{ inputs.traces-path }}"
+    - name: Upload Traces
+      uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
+      with:
+        name: "${{ inputs.artifact-name }}"
+        path: ${{ inputs.traces-path }}/*
+        retention-days: 7

.github/workflows/ci.yml

@@ -119,6 +119,9 @@ jobs:
           go-version: '1.24'
           cache: false
 
+      - name: Cleanup runner
+        run: docker system prune -f --volumes --all
+
       - name: checkout
         uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
 
@@ -131,33 +134,21 @@ jobs:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Setup jaeger
-        run: |
-          set -e
-          docker run -d --net=host --restart=always --name jaeger -e COLLECTOR_OTLP_ENABLED=true jaegertracing/all-in-one:1.62.0
-          docker0_ip="$(ip -f inet addr show docker0 | grep -Po 'inet \K[\d.]+')"
-          echo "OTEL_EXPORTER_OTLP_ENDPOINT=ghcr.io/project-dalec/dalec/mirror/dockerhub/jaegertracing/all-in-one:1.62.0" >> "${GITHUB_ENV}"
-          echo "OTEL_SERVICE_NAME=dalec-integration-test" >> "${GITHUB_ENV}"
-
-          tmp="$(mktemp)"
-          echo "[Service]" > "${tmp}"
-          echo "Environment=\"OTEL_EXPORTER_OTLP_ENDPOINT=http://${docker0_ip}:4318\"" >> "${tmp}"
-
-          sudo mkdir -p /etc/systemd/system/docker.service.d
-          sudo mkdir -p /etc/systemd/system/containerd.service.d
-          sudo cp "${tmp}" /etc/systemd/system/docker.service.d/otlp.conf
-          sudo cp "${tmp}" /etc/systemd/system/containerd.service.d/otlp.conf
-
-          sudo systemctl daemon-reload
-          sudo systemctl restart containerd
-          sudo systemctl restart docker
-
+      - name: Setup tracing
+        id: setup-tracing
+        uses: ./.github/actions/setup-tracing
       - name: download deps
         run: go mod download
       - name: Setup QEMU
         run: docker run --rm --privileged tonistiigi/binfmt:latest --install all
       - name: Setup source policy
         uses: ./.github/actions/setup-source-policy
+      - name: Get docker info
+        run: |
+          docker info
+          docker version
+          docker buildx version
+          containerd --version
       - name: Run integration tests
         run: |
           set -ex
@@ -171,21 +162,13 @@ jobs:
         env:
           TEST_SUITE: ${{ matrix.suite }}
           TEST_SKIP: ${{ matrix.skip }}
-      - name: Get traces
+      - name: Finalize traces
         if: always()
-        run: |
-          set -ex
-          mkdir -p /tmp/reports
-          curl -sSLf localhost:16686/api/traces?service=${OTEL_SERVICE_NAME} > /tmp/reports/jaeger-tests.json
-          curl -sSLf localhost:16686/api/traces?service=containerd > /tmp/reports/jaeger-containerd.json
-          curl -sSLf localhost:16686/api/traces?service=docker > /tmp/reports/jaeger-docker.json
-      - name: Upload reports
-        if: always()
-        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
+        uses: ./.github/actions/teardown-tracing
         with:
-          name: integration-test-reports-${{matrix.suite}}
-          path: /tmp/reports/*
-          retention-days: 1
+          artifact-name: integration-test-traces-${{matrix.suite}}
+          tracing-id: ${{ steps.setup-tracing.outputs.tracing-id }}
+          traces-path: ${{ steps.setup-tracing.outputs.traces-path }}
       - name: Upload reports
         if: always()
         uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
@@ -312,4 +295,3 @@ jobs:
           name: e2e-dockerd-logs-diffmerge=${{ matrix.disable_diff_merge }}
           path: ${{ steps.dump-logs.outputs.DOCKERD_LOG_PATH }}
           retention-days: 1
-

.github/workflows/otel-config.yml

@@ -0,0 +1,24 @@
+receivers:
+  otlp:
+    protocols:
+      grpc:
+        endpoint: 0.0.0.0:4317
+      http:
+        endpoint: 0.0.0.0:4318
+
+processors:
+  batch:
+
+exporters:
+  file:
+    path: /data/trace.jsonl
+    flush_interval: 1s
+    rotation:
+      max_megabytes: 18   # Jaeger will reject file uploads larger than 20MB by default
+
+service:
+  pipelines:
+    traces:
+      receivers: [otlp]
+      processors: [batch]
+      exporters: [file]

Dockerfile

@@ -1,5 +1,7 @@
 FROM --platform=${BUILDPLATFORM} golang:1.25@sha256:a22b2e6c5e753345b9759fba9e5c1731ebe28af506745e98f406cc85d50c828e AS go
 
+FROM ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector:0.142.0 AS otel-collector
+
 FROM go  AS frontend-build
 WORKDIR /build
 COPY . .

cmd/frontend/git_credential_helper.go

@@ -3,16 +3,26 @@ package main
 import (
 	"bufio"
 	"bytes"
+	"context"
 	"encoding/base64"
 	"flag"
 	"fmt"
 	"io"
 	"os"
 	"path/filepath"
 	"strings"
+
+	"github.com/project-dalec/dalec/internal/commands"
+	"github.com/project-dalec/dalec/internal/plugins"
 )
 
+func init() {
+	commands.RegisterPlugin(credHelperSubcmd, plugins.CmdHandlerFunc(credentialHelperCmd))
+}
+
 const (
+	credHelperSubcmd = "credential-helper"
+
 	keyProtocol          = "protocol"
 	keyHost              = "host"
 	keyPath              = "path"
@@ -71,7 +81,7 @@ type credConfig struct {
 	kind string
 }
 
-func gomodMain(args []string) {
+func credentialHelperCmd(ctx context.Context, args []string) {
 	var cfg credConfig
 	fs := flag.NewFlagSet(credHelperSubcmd, flag.ExitOnError)
 	fs.Func("kind", "the kind of secret to retrieve (token or header)", readKind(&cfg.kind))

cmd/frontend/main.go

@@ -1,25 +1,28 @@
 package main
 
 import (
+	"context"
 	_ "embed"
 	"flag"
 	"fmt"
 	"os"
+	"path/filepath"
 
+	"github.com/containerd/plugin"
 	"github.com/moby/buildkit/frontend/gateway/grpcclient"
 	"github.com/moby/buildkit/util/appcontext"
 	"github.com/moby/buildkit/util/bklog"
 	"github.com/project-dalec/dalec/frontend"
 	"github.com/project-dalec/dalec/internal/frontendapi"
-	"github.com/project-dalec/dalec/internal/testrunner"
+	"github.com/project-dalec/dalec/internal/plugins"
 	"github.com/sirupsen/logrus"
 	"google.golang.org/grpc/grpclog"
+
+	_ "github.com/project-dalec/dalec/internal/commands"
 )
 
 const (
 	Package = "github.com/project-dalec/dalec/cmd/frontend"
-
-	credHelperSubcmd = "credential-helper"
 )
 
 func init() {
@@ -28,40 +31,62 @@ func init() {
 }
 
 func main() {
-	fs := flag.CommandLine
-	fs.Usage = func() {
-		fmt.Fprintf(os.Stderr, `usage: %s [subcommand [args...]]`, os.Args[0])
-	}
+	flags := flag.NewFlagSet(filepath.Base(os.Args[0]), flag.ExitOnError)
 
-	if err := fs.Parse(os.Args); err != nil {
+	if err := flags.Parse(os.Args[1:]); err != nil {
 		bklog.L.WithError(err).Fatal("error parsing frontend args")
 		os.Exit(70) // 70 is EX_SOFTWARE, meaning internal software error occurred
+	}
 
+	ctx := appcontext.Context()
+	if flags.NArg() == 0 {
+		dalecMain(ctx)
+		return
 	}
 
-	subCmd := fs.Arg(1)
-
-	// NOTE: for subcommands we take args[2:]
-	// skip args[0] (the executable) and args[1] (the subcommand)
-
-	// each "sub-main" function handles its own exit
-	switch subCmd {
-	case credHelperSubcmd:
-		args := flag.Args()[2:]
-		gomodMain(args)
-	case testrunner.StepRunnerCmdName:
-		args := flag.Args()[2:]
-		testrunner.StepCmd(args)
-	case testrunner.CheckFilesCmdName:
-		args := flag.Args()[2:]
-		testrunner.CheckFilesCmd(args)
-	default:
-		dalecMain()
+	h, err := lookupCmd(ctx, flags.Arg(0))
+	if err != nil {
+		bklog.L.WithError(err).Fatal("error handling command")
+		os.Exit(70) // 70 is EX_SOFTWARE, meaning internal software error occurred
+	}
+
+	if h == nil {
+		fmt.Fprintln(os.Stderr, "unknown subcommand:", flags.Arg(1))
+		fmt.Fprintln(os.Stderr, "full args:", flag.Args())
+		fmt.Fprintln(os.Stderr, "If you see this message this is probably a bug in dalec.")
+		os.Exit(64) // 64 is EX_USAGE, meaning command line usage error
 	}
+
+	h.HandleCmd(ctx, flags.Args()[1:])
 }
 
-func dalecMain() {
-	ctx := appcontext.Context()
+func lookupCmd(ctx context.Context, cmd string) (plugins.CmdHandler, error) {
+	set := plugin.NewPluginSet()
+	filter := func(r *plugins.Registration) bool {
+		return r.Type != plugins.TypeCmd || r.ID != cmd
+	}
+
+	for _, r := range plugins.Graph(filter) {
+		cfg := plugin.NewContext(ctx, set, nil)
+
+		p := r.Init(cfg)
+
+		v, err := p.Instance()
+		if plugin.IsSkipPlugin(err) {
+			continue
+		}
+
+		if err != nil {
+			return nil, err
+		}
+
+		return v.(plugins.CmdHandler), nil
+	}
+
+	return nil, nil
+}
+
+func dalecMain(ctx context.Context) {
 	mux, err := frontendapi.NewBuildRouter(ctx)
 	if err != nil {
 		bklog.L.WithError(err).Fatal("error creating frontend router")

docker-bake.hcl

@@ -10,6 +10,10 @@ variable "FRONTEND_REF" {
     default = "local/dalec/frontend"
 }
 
+variable "OTEL_COLLECTOR_REF" {
+    default = "local/dalec/otel-collector"
+}
+
 // This is used to forcibly diff/merge ops in the frontend for testing purposes.
 // Set to "1" to disable diff/merge ops.
 variable "DALEC_DISABLE_DIFF_MERGE" {
@@ -44,6 +48,11 @@ target "lint" {
     EOT
 }
 
+target "otel-collector" {
+  target = "otel-collector"
+  tags = [OTEL_COLLECTOR_REF]
+}
+
 variable "RUNC_COMMIT" {
     default = "v1.1.9"
 }

docs/examples/go-md2man.yml

@@ -1,3 +1,4 @@
+# syntax=local/dalec/frontend:latest
 # syntax=ghcr.io/project-dalec/dalec/frontend:latest
 
 name: go-md2man