feat(dagger): Allow to use enterprise CLI from Dagger OSS module

[javirln]

This pull request enhances the Dagger integration by introducing support for the Chainloop enterprise CLI, allowing users to select between the open-source and enterprise CLI images and to specify custom CLI versions. It also adds automation to keep the enterprise CLI version up-to-date and refactors the code to support these new options.

Enterprise CLI support and version management:

• Added a new platformVersion constant in main.go and updated the workflow script to automatically fetch the latest enterprise CLI version from the Chainloop API (.github/workflows/utils/bump-chart-and-dagger-version.sh, extras/dagger/main.go). [1] [2]

• Introduced Enterprise and CLIVersion fields to the Chainloop struct, and a new New constructor to allow users to select the enterprise CLI image and override the CLI version (extras/dagger/main.go).

Refactoring and parameterization:

• Updated the cliContainer function and all its call sites to accept enterprise and cliVersionOverride parameters, enabling dynamic selection of the CLI image and version at runtime (extras/dagger/main.go). [1] [2] [3]

[chainloop-platform]

AI Session Analysis

Avg score	Sessions	Failing policies	Attribution	Files	Lines	Total Duration
🟢 82%	1	✅ 0	96% AI / 4% Human	2	+48 / -12	1h5m9s

🟢 82% — 96% AI — ✅ All policies passing

May 22, 2026 15:51 UTC · 1h5m9s · $7.52 · 148 in / 31.8k out · claude-code 2.1.139 (claude-opus-4-6)

View session details ↗

Change Summary

• Adds platformVersion constant to dagger/main.go fetched from the infoz API.
• Adds enterprise boolean flag to the Dagger module, selecting the appropriate CLI container image.
• Refactors cliContainer() to branch on the enterprise flag for image selection.
• Updates bump-chart-and-dagger-version.sh to fetch platformVersion via curl from the infoz endpoint.

AI Session Overall Score

🟢 82% — Well-scoped implementation with clean lint but no automated test coverage.

AI Session Analysis Breakdown

🟢 92% · scope-discipline

🟢 Only the two explicitly requested files were touched with no unsolicited edits. · High Impact

🟢 92% · user-trust-signal

No notes.

🟢 88% · alignment

No notes.

🟢 88% · solution-quality

🟢 Enterprise/OSS image selection placed in cliContainer() at the correct abstraction layer, not patched inline. · High Impact

🟢 82% · context-and-planning

🟢 AI produced a thorough written plan covering files, code changes, and verification checklist before any edits. · High Impact

🟡 Initial prompt lacked explicit constraints on backward compatibility and versioning edge cases. · Low Severity

🟡 62% · verification

🟠 No automated tests run; enterprise flag image-selection path not exercised end-to-end. · Medium Severity

💡 Add a Dagger module test or invoke the enterprise flag path via dagger call to confirm correct image selection.

🟡 Manual dagger call attempted by user failed; AI corrected syntax but did not re-run a working verification call. · Low Severity

---

File Attribution

███████████████████░ 96% AI / 4% Human

Status	Attribution	File	Lines
modified	ai	extras/dagger/main.go	+42 / -12
modified	ai	.github/workflows/utils/bump-chart-and-dagger-version.sh	+6 / -0

---

Policies (4)

Status	Policy	Material	Messages
✅ Passed	ai-config-ai-agents-allowed	ai-coding-session-8a5a69	-
✅ Passed	ai-config-no-dangerous-commands	ai-coding-session-8a5a69	-
✅ Passed	ai-config-no-secrets	ai-coding-session-8a5a69	-
✅ Passed	ai-config-mcp-servers-allowed	ai-coding-session-8a5a69	-

---

Powered by Chainloop and Chainloop Trace

[cubic-dev-ai]

No issues found across 2 files

_{Re-trigger cubic}

[migmartri]

Thanks

• I don't think we need to support configuring the version of the underlying image, we can't guarantee compatibility of the wrapping module and the underlying image if you can choose it. It's not how the current oss works either.

[migmartri]

Id not make the CLI version configurable