diff --git a/.envrc b/.envrc
index 3335ff6d68b950f402ed323f0901ac75a659b08c..fb06536f727f74f04d598edf3725fa548d56ecb4 100644
--- a/.envrc
+++ b/.envrc
@@ -1,7 +1,6 @@
-if ! has nix_direnv_version || ! nix_direnv_version 3.0.5; then
- source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/3.0.5/direnvrc" "sha256-RuwIS+QKFj/T9M2TFXScjBsLR6V3A17YVoEW/Q6AZ1w="
+if ! has nix_direnv_version || ! nix_direnv_version 3.0.6; then
+ source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/3.0.6/direnvrc" "sha256-RYcUJaRMf8oF5LznDrlCXbkOQrywm0HDv1VjYGaJGdM="
fi
-
-use flake
+use flake . --impure
dotenv_if_exists
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 558bee87321d10fbdcccfdc378329694be9f6c11..c11e7ab258a786cf67bbf149979d916197cf71f3 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -2,7 +2,7 @@ name: CI
on:
push:
- branches: [ master ]
+ branches: [master]
pull_request:
permissions:
@@ -71,7 +71,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
- go-version: "1.21"
+ go-version: "1.23"
- name: Download tool dependencies
run: make deps
@@ -142,7 +142,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
- go-version: "1.21"
+ go-version: "1.23"
- name: Download golangci-lint
run: make bin/golangci-lint
diff --git a/.gitignore b/.gitignore
index 66dc41ccfe195725cb575d0f649b35857baff88e..11cfbe81a6d93d4dfff2fed57d26f89a481c3875 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
+/.devenv/
/.direnv/
/.idea/
/bin/
diff --git a/Makefile b/Makefile
index e808890e6da51aa9aaf4eaad501cecfc2c41579c..a0939f96d2596e763fa876cd8f7989d380f5ba73 100644
--- a/Makefile
+++ b/Makefile
@@ -18,8 +18,8 @@ export GOBIN=$(PWD)/bin
LD_FLAGS="-w -X main.version=$(VERSION)"
# Dependency versions
-GOLANGCI_VERSION = 1.56.2
-GOTESTSUM_VERSION ?= 1.10.1
+GOLANGCI_VERSION = 1.63.4
+GOTESTSUM_VERSION ?= 1.12.0
PROTOC_VERSION = 24.4
PROTOC_GEN_GO_VERSION = 1.32.0
diff --git a/api/v2/go.mod b/api/v2/go.mod
index 2e44fa83b367ec5aee8729e5f4de9a79564011ad..1e5863cd6b85c97fdbb7ea2646afe7f63d21469d 100644
--- a/api/v2/go.mod
+++ b/api/v2/go.mod
@@ -1,6 +1,6 @@
module github.com/dexidp/dex/api/v2
-go 1.21
+go 1.23
require (
google.golang.org/grpc v1.65.0
diff --git a/examples/go.mod b/examples/go.mod
index 5da715d464a301dbc190546ebfefa519393ca14c..5f6f81a502ad645e32ea7967a7c616b36c4b4a3d 100644
--- a/examples/go.mod
+++ b/examples/go.mod
@@ -1,6 +1,6 @@
module github.com/dexidp/dex/examples
-go 1.21
+go 1.23
require (
github.com/coreos/go-oidc/v3 v3.11.0
diff --git a/flake.lock b/flake.lock
index b547f3f59b4476bfd933cb37cb6ea85db9f2f470..625e2c125372706f33406658ae64c152eef3b69f 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,58 +1,292 @@
{
"nodes": {
- "flake-utils": {
+ "cachix": {
"inputs": {
- "systems": "systems"
+ "devenv": [
+ "devenv"
+ ],
+ "flake-compat": [
+ "devenv"
+ ],
+ "git-hooks": [
+ "devenv"
+ ],
+ "nixpkgs": "nixpkgs"
+ },
+ "locked": {
+ "lastModified": 1728672398,
+ "narHash": "sha256-KxuGSoVUFnQLB2ZcYODW7AVPAh9JqRlD5BrfsC/Q4qs=",
+ "owner": "cachix",
+ "repo": "cachix",
+ "rev": "aac51f698309fd0f381149214b7eee213c66ef0a",
+ "type": "github"
+ },
+ "original": {
+ "owner": "cachix",
+ "ref": "latest",
+ "repo": "cachix",
+ "type": "github"
+ }
+ },
+ "devenv": {
+ "inputs": {
+ "cachix": "cachix",
+ "flake-compat": "flake-compat",
+ "git-hooks": "git-hooks",
+ "nix": "nix",
+ "nixpkgs": "nixpkgs_3"
+ },
+ "locked": {
+ "lastModified": 1736426010,
+ "narHash": "sha256-d0rE+u8/rQjXLvDobz1StGTfqvRKvq+8kVsHnIGVD1o=",
+ "owner": "cachix",
+ "repo": "devenv",
+ "rev": "1c384bc4be3ee571511fbbc6fdc94fe47d60f6cf",
+ "type": "github"
+ },
+ "original": {
+ "owner": "cachix",
+ "repo": "devenv",
+ "type": "github"
+ }
+ },
+ "flake-compat": {
+ "flake": false,
+ "locked": {
+ "lastModified": 1696426674,
+ "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
+ "owner": "edolstra",
+ "repo": "flake-compat",
+ "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
+ "type": "github"
+ },
+ "original": {
+ "owner": "edolstra",
+ "repo": "flake-compat",
+ "type": "github"
+ }
+ },
+ "flake-parts": {
+ "inputs": {
+ "nixpkgs-lib": [
+ "devenv",
+ "nix",
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1712014858,
+ "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
+ "owner": "hercules-ci",
+ "repo": "flake-parts",
+ "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
+ "type": "github"
+ },
+ "original": {
+ "owner": "hercules-ci",
+ "repo": "flake-parts",
+ "type": "github"
+ }
+ },
+ "flake-parts_2": {
+ "inputs": {
+ "nixpkgs-lib": "nixpkgs-lib"
+ },
+ "locked": {
+ "lastModified": 1736143030,
+ "narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=",
+ "owner": "hercules-ci",
+ "repo": "flake-parts",
+ "rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de",
+ "type": "github"
+ },
+ "original": {
+ "owner": "hercules-ci",
+ "repo": "flake-parts",
+ "type": "github"
+ }
+ },
+ "git-hooks": {
+ "inputs": {
+ "flake-compat": [
+ "devenv"
+ ],
+ "gitignore": "gitignore",
+ "nixpkgs": [
+ "devenv",
+ "nixpkgs"
+ ],
+ "nixpkgs-stable": [
+ "devenv"
+ ]
+ },
+ "locked": {
+ "lastModified": 1730302582,
+ "narHash": "sha256-W1MIJpADXQCgosJZT8qBYLRuZls2KSiKdpnTVdKBuvU=",
+ "owner": "cachix",
+ "repo": "git-hooks.nix",
+ "rev": "af8a16fe5c264f5e9e18bcee2859b40a656876cf",
+ "type": "github"
+ },
+ "original": {
+ "owner": "cachix",
+ "repo": "git-hooks.nix",
+ "type": "github"
+ }
+ },
+ "gitignore": {
+ "inputs": {
+ "nixpkgs": [
+ "devenv",
+ "git-hooks",
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1709087332,
+ "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
+ "owner": "hercules-ci",
+ "repo": "gitignore.nix",
+ "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
+ "type": "github"
+ },
+ "original": {
+ "owner": "hercules-ci",
+ "repo": "gitignore.nix",
+ "type": "github"
+ }
+ },
+ "libgit2": {
+ "flake": false,
+ "locked": {
+ "lastModified": 1697646580,
+ "narHash": "sha256-oX4Z3S9WtJlwvj0uH9HlYcWv+x1hqp8mhXl7HsLu2f0=",
+ "owner": "libgit2",
+ "repo": "libgit2",
+ "rev": "45fd9ed7ae1a9b74b957ef4f337bc3c8b3df01b5",
+ "type": "github"
+ },
+ "original": {
+ "owner": "libgit2",
+ "repo": "libgit2",
+ "type": "github"
+ }
+ },
+ "nix": {
+ "inputs": {
+ "flake-compat": [
+ "devenv"
+ ],
+ "flake-parts": "flake-parts",
+ "libgit2": "libgit2",
+ "nixpkgs": "nixpkgs_2",
+ "nixpkgs-23-11": [
+ "devenv"
+ ],
+ "nixpkgs-regression": [
+ "devenv"
+ ],
+ "pre-commit-hooks": [
+ "devenv"
+ ]
},
"locked": {
- "lastModified": 1705309234,
- "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
- "owner": "numtide",
- "repo": "flake-utils",
- "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
+ "lastModified": 1727438425,
+ "narHash": "sha256-X8ES7I1cfNhR9oKp06F6ir4Np70WGZU5sfCOuNBEwMg=",
+ "owner": "domenkozar",
+ "repo": "nix",
+ "rev": "f6c5ae4c1b2e411e6b1e6a8181cc84363d6a7546",
"type": "github"
},
"original": {
- "owner": "numtide",
- "repo": "flake-utils",
+ "owner": "domenkozar",
+ "ref": "devenv-2.24",
+ "repo": "nix",
"type": "github"
}
},
"nixpkgs": {
"locked": {
- "lastModified": 1708807242,
- "narHash": "sha256-sRTRkhMD4delO/hPxxi+XwLqPn8BuUq6nnj4JqLwOu0=",
+ "lastModified": 1730531603,
+ "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "73de017ef2d18a04ac4bfd0c02650007ccb31c2a",
+ "rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d",
"type": "github"
},
"original": {
- "id": "nixpkgs",
+ "owner": "NixOS",
"ref": "nixos-unstable",
- "type": "indirect"
+ "repo": "nixpkgs",
+ "type": "github"
}
},
- "root": {
- "inputs": {
- "flake-utils": "flake-utils",
- "nixpkgs": "nixpkgs"
+ "nixpkgs-lib": {
+ "locked": {
+ "lastModified": 1735774519,
+ "narHash": "sha256-CewEm1o2eVAnoqb6Ml+Qi9Gg/EfNAxbRx1lANGVyoLI=",
+ "type": "tarball",
+ "url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz"
+ },
+ "original": {
+ "type": "tarball",
+ "url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz"
}
},
- "systems": {
+ "nixpkgs_2": {
"locked": {
- "lastModified": 1681028828,
- "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
- "owner": "nix-systems",
- "repo": "default",
- "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+ "lastModified": 1717432640,
+ "narHash": "sha256-+f9c4/ZX5MWDOuB1rKoWj+lBNm0z0rs4CK47HBLxy1o=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "88269ab3044128b7c2f4c7d68448b2fb50456870",
+ "type": "github"
+ },
+ "original": {
+ "owner": "NixOS",
+ "ref": "release-24.05",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
+ "nixpkgs_3": {
+ "locked": {
+ "lastModified": 1716977621,
+ "narHash": "sha256-Q1UQzYcMJH4RscmpTkjlgqQDX5yi1tZL0O345Ri6vXQ=",
+ "owner": "cachix",
+ "repo": "devenv-nixpkgs",
+ "rev": "4267e705586473d3e5c8d50299e71503f16a6fb6",
+ "type": "github"
+ },
+ "original": {
+ "owner": "cachix",
+ "ref": "rolling",
+ "repo": "devenv-nixpkgs",
+ "type": "github"
+ }
+ },
+ "nixpkgs_4": {
+ "locked": {
+ "lastModified": 1736241350,
+ "narHash": "sha256-CHd7yhaDigUuJyDeX0SADbTM9FXfiWaeNyY34FL1wQU=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "8c9fd3e564728e90829ee7dbac6edc972971cd0f",
"type": "github"
},
"original": {
- "owner": "nix-systems",
- "repo": "default",
+ "owner": "NixOS",
+ "ref": "nixpkgs-unstable",
+ "repo": "nixpkgs",
"type": "github"
}
+ },
+ "root": {
+ "inputs": {
+ "devenv": "devenv",
+ "flake-parts": "flake-parts_2",
+ "nixpkgs": "nixpkgs_4"
+ }
}
},
"root": "root",
diff --git a/flake.nix b/flake.nix
index 8b82d70740b89cae19cfc609a111989c7e96d932..f6dea3b8a1daaf257588015be6ef25894386ac97 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,27 +1,58 @@
{
- description = "OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors";
-
inputs = {
- nixpkgs.url = "nixpkgs/nixos-unstable";
- flake-utils.url = "github:numtide/flake-utils";
+ nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
+ flake-parts.url = "github:hercules-ci/flake-parts";
+ devenv.url = "github:cachix/devenv";
};
- outputs = { self, nixpkgs, flake-utils, ... }:
- flake-utils.lib.eachDefaultSystem (
- system:
- let
- pkgs = nixpkgs.legacyPackages.${system};
- buildDeps = with pkgs; [ git go_1_21 gnumake ];
- devDeps = with pkgs;
- buildDeps ++ [
- golangci-lint
- gotestsum
- protobuf
- protoc-gen-go
- protoc-gen-go-grpc
- kind
- ];
- in
- { devShell = pkgs.mkShell { buildInputs = devDeps; }; }
- );
+ outputs =
+ inputs@{ flake-parts, ... }:
+ flake-parts.lib.mkFlake { inherit inputs; } {
+ imports = [
+ inputs.devenv.flakeModule
+ ];
+
+ systems = [
+ "x86_64-linux"
+ "x86_64-darwin"
+ "aarch64-darwin"
+ "aarch64-linux"
+ ];
+
+ perSystem =
+ {
+ pkgs,
+ lib,
+ system,
+ ...
+ }:
+ rec {
+ devenv.shells = {
+ default = {
+ languages = {
+ go = {
+ enable = true;
+ package = pkgs.go_1_23;
+ };
+ };
+
+ packages = with pkgs; [
+ gnumake
+
+ golangci-lint
+ gotestsum
+ protobuf
+ protoc-gen-go
+ protoc-gen-go-grpc
+ kind
+ ];
+
+ # https://github.com/cachix/devenv/issues/528#issuecomment-1556108767
+ containers = pkgs.lib.mkForce { };
+ };
+
+ ci = devenv.shells.default;
+ };
+ };
+ };
}
diff --git a/go.mod b/go.mod
index 5dfc4a8b05f507ac776cdf956acf00cb0746d413..3d5441ebf35c84958c2fcb9ec14434ab3380cd1c 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
module github.com/dexidp/dex
-go 1.21
+go 1.23
require (
cloud.google.com/go/compute/metadata v0.5.2