mirror of
https://github.com/goreleaser/goreleaser.git
synced 2025-03-17 20:47:50 +02:00
Merge remote-tracking branch 'origin/main'
This commit is contained in:
commit
9ee0185478
.github/workflows
build.ymlcodeql.ymldepsreview.yamldocs.ymlfig.ymlgenerate.ymlgitleaks.ymlgrype.ymllint.ymlnightly-oss.ymlrelease.yml
DockerfileUSERS.mdcmd
flake.lockflake.nixgo.modgo.suminternal
builders/golang
middleware
pipe
aur
build
nfpm
release
winget
pkg/config
www/docs
8
.github/workflows/build.yml
vendored
8
.github/workflows/build.yml
vendored
@ -29,7 +29,7 @@ jobs:
|
||||
env:
|
||||
DOCKER_CLI_EXPERIMENTAL: "enabled"
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3
|
||||
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- uses: arduino/setup-task@b91d5d2c96a56797b48ac1e0e89220bf64044611 # v1
|
||||
@ -37,7 +37,7 @@ jobs:
|
||||
version: 3.x
|
||||
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
- uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v2
|
||||
- uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3
|
||||
- uses: docker/setup-buildx-action@2b51285047da1547ffb1b2203d8be4c0af6b1f20 # v3
|
||||
- name: setup-snapcraft
|
||||
# FIXME: the mkdirs are a hack for https://github.com/goreleaser/goreleaser/issues/1715
|
||||
run: |
|
||||
@ -48,14 +48,14 @@ jobs:
|
||||
- uses: crazy-max/ghaction-upx@v3
|
||||
with:
|
||||
install-only: true
|
||||
- uses: cachix/install-nix-action@v25
|
||||
- uses: cachix/install-nix-action@v26
|
||||
with:
|
||||
github_access_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v4
|
||||
with:
|
||||
go-version: stable
|
||||
- uses: sigstore/cosign-installer@v3.4.0
|
||||
- uses: anchore/sbom-action/download-syft@v0.15.8
|
||||
- uses: anchore/sbom-action/download-syft@v0.15.9
|
||||
- name: setup-validate-krew-manifest
|
||||
run: go install sigs.k8s.io/krew/cmd/validate-krew-manifest@latest
|
||||
- name: setup-tparse
|
||||
|
2
.github/workflows/codeql.yml
vendored
2
.github/workflows/codeql.yml
vendored
@ -15,7 +15,7 @@ jobs:
|
||||
contents: read
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3
|
||||
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v3
|
||||
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v4
|
||||
with:
|
||||
go-version: stable
|
||||
|
2
.github/workflows/depsreview.yaml
vendored
2
.github/workflows/depsreview.yaml
vendored
@ -8,7 +8,7 @@ jobs:
|
||||
dependency-review:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3
|
||||
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v3
|
||||
- uses: actions/dependency-review-action@v4
|
||||
with:
|
||||
allow-licenses: BSD-2-Clause, BSD-3-Clause, MIT, Apache-2.0, MPL-2.0
|
||||
|
4
.github/workflows/docs.yml
vendored
4
.github/workflows/docs.yml
vendored
@ -19,8 +19,8 @@ jobs:
|
||||
htmltest:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3
|
||||
- uses: cachix/install-nix-action@v25
|
||||
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v3
|
||||
- uses: cachix/install-nix-action@v26
|
||||
with:
|
||||
nix_path: nixpkgs=channel:nixos-unstable
|
||||
github_access_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
27
.github/workflows/fig.yml
vendored
27
.github/workflows/fig.yml
vendored
@ -1,27 +0,0 @@
|
||||
name: fig
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
tags:
|
||||
- 'v*'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
fig:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3
|
||||
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v4
|
||||
with:
|
||||
go-version: stable
|
||||
cache: true
|
||||
- run: go run . generate-fig-spec >goreleaser.ts
|
||||
- uses: withfig/push-to-fig-autocomplete-action@v1
|
||||
with:
|
||||
token: ${{ secrets.GH_PAT }}
|
||||
autocomplete-spec-name: goreleaser
|
||||
spec-path: goreleaser.ts
|
||||
integration: commander
|
2
.github/workflows/generate.yml
vendored
2
.github/workflows/generate.yml
vendored
@ -12,7 +12,7 @@ jobs:
|
||||
contents: write
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3
|
||||
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v3
|
||||
with:
|
||||
token: ${{ secrets.GH_PAT }}
|
||||
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v4
|
||||
|
2
.github/workflows/gitleaks.yml
vendored
2
.github/workflows/gitleaks.yml
vendored
@ -14,7 +14,7 @@ jobs:
|
||||
gitleaks:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3
|
||||
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- uses: gitleaks/gitleaks-action@v2
|
||||
|
2
.github/workflows/grype.yml
vendored
2
.github/workflows/grype.yml
vendored
@ -17,7 +17,7 @@ jobs:
|
||||
contents: read
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3
|
||||
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v3
|
||||
- uses: anchore/scan-action@v3
|
||||
with:
|
||||
path: "."
|
||||
|
2
.github/workflows/lint.yml
vendored
2
.github/workflows/lint.yml
vendored
@ -17,7 +17,7 @@ jobs:
|
||||
name: lint
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3
|
||||
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v3
|
||||
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v4
|
||||
with:
|
||||
go-version: stable
|
||||
|
12
.github/workflows/nightly-oss.yml
vendored
12
.github/workflows/nightly-oss.yml
vendored
@ -16,7 +16,7 @@ jobs:
|
||||
env:
|
||||
DOCKER_CLI_EXPERIMENTAL: "enabled"
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3
|
||||
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- uses: arduino/setup-task@b91d5d2c96a56797b48ac1e0e89220bf64044611 # v1
|
||||
@ -24,25 +24,25 @@ jobs:
|
||||
version: 3.x
|
||||
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
- uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v2
|
||||
- uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3
|
||||
- uses: docker/setup-buildx-action@2b51285047da1547ffb1b2203d8be4c0af6b1f20 # v3
|
||||
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v4
|
||||
with:
|
||||
go-version: stable
|
||||
- uses: sigstore/cosign-installer@v3.4.0
|
||||
- uses: anchore/sbom-action/download-syft@v0.15.8
|
||||
- uses: anchore/sbom-action/download-syft@v0.15.9
|
||||
- uses: crazy-max/ghaction-upx@v3
|
||||
with:
|
||||
install-only: true
|
||||
- uses: cachix/install-nix-action@v25
|
||||
- uses: cachix/install-nix-action@v26
|
||||
with:
|
||||
github_access_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
- name: dockerhub-login
|
||||
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v2
|
||||
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKER_USERNAME }}
|
||||
password: ${{ secrets.DOCKER_PASSWORD }}
|
||||
- name: ghcr-login
|
||||
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v2
|
||||
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v2
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.repository_owner }}
|
||||
|
14
.github/workflows/release.yml
vendored
14
.github/workflows/release.yml
vendored
@ -49,7 +49,7 @@ jobs:
|
||||
matrix:
|
||||
format: [deb, rpm, apk]
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3
|
||||
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- uses: arduino/setup-task@b91d5d2c96a56797b48ac1e0e89220bf64044611 # v1
|
||||
@ -70,7 +70,7 @@ jobs:
|
||||
env:
|
||||
DOCKER_CLI_EXPERIMENTAL: "enabled"
|
||||
steps:
|
||||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3
|
||||
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- uses: arduino/setup-task@b91d5d2c96a56797b48ac1e0e89220bf64044611 # v1
|
||||
@ -78,7 +78,7 @@ jobs:
|
||||
version: 3.x
|
||||
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
- uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v2
|
||||
- uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3
|
||||
- uses: docker/setup-buildx-action@2b51285047da1547ffb1b2203d8be4c0af6b1f20 # v3
|
||||
- name: setup-snapcraft
|
||||
# FIXME: the mkdirs are a hack for https://github.com/goreleaser/goreleaser/issues/1715
|
||||
run: |
|
||||
@ -97,22 +97,22 @@ jobs:
|
||||
./dist/*.apk
|
||||
key: ${{ github.ref }}
|
||||
- uses: sigstore/cosign-installer@v3.4.0
|
||||
- uses: anchore/sbom-action/download-syft@v0.15.8
|
||||
- uses: anchore/sbom-action/download-syft@v0.15.9
|
||||
- uses: crazy-max/ghaction-upx@v3
|
||||
with:
|
||||
install-only: true
|
||||
- uses: cachix/install-nix-action@v25
|
||||
- uses: cachix/install-nix-action@v26
|
||||
with:
|
||||
github_access_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
- name: dockerhub-login
|
||||
if: startsWith(github.ref, 'refs/tags/v')
|
||||
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v2
|
||||
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v2
|
||||
with:
|
||||
username: ${{ secrets.DOCKER_USERNAME }}
|
||||
password: ${{ secrets.DOCKER_PASSWORD }}
|
||||
- name: ghcr-login
|
||||
if: startsWith(github.ref, 'refs/tags/v')
|
||||
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v2
|
||||
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v2
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.repository_owner }}
|
||||
|
@ -1,4 +1,4 @@
|
||||
FROM golang:1.22.0-alpine@sha256:8e96e6cff6a388c2f70f5f662b64120941fcd7d4b89d62fec87520323a316bd9
|
||||
FROM golang:1.22.1-alpine@sha256:fc5e5848529786cf1136563452b33d713d5c60b2c787f6b2a077fa6eeefd9114
|
||||
|
||||
RUN apk add --no-cache bash \
|
||||
curl \
|
||||
|
8
USERS.md
8
USERS.md
@ -25,9 +25,10 @@ Here's a running list of some organizations using GoReleaser[^1]:
|
||||
1. [Curio](https://curio.sh)
|
||||
1. [Dagger](https://dagger.io)
|
||||
1. [Ddosify](https://github.com/ddosify)
|
||||
1. [DeepSource](https://deepsource.io)
|
||||
1. [DeepSource](https://deepsource.com)
|
||||
1. [EVCC](https://evcc.io)
|
||||
1. [FabioLB](https://fabiolb.net)
|
||||
1. [Farmblox](https://github.com/farmblox)
|
||||
1. [Fleet for osquery](https://fleetdm.com)
|
||||
1. [Flipt](https://www.flipt.io)
|
||||
1. [FluxCD](https://fluxcd.io)
|
||||
@ -45,7 +46,7 @@ Here's a running list of some organizations using GoReleaser[^1]:
|
||||
1. [Hugo](https://gohugo.io)
|
||||
1. [IBM](https://www.ibm.com/br-pt)
|
||||
1. [IRON Security](https://iron.security)
|
||||
1. [KSOC](https://www.ksoc.com/)
|
||||
1. [KSOC](https://github.com/ksoclabs)
|
||||
1. [Ko Build](https://ko.build)
|
||||
1. [Koordinator](https://koordinator.sh)
|
||||
1. [Kubernetes SIGs](https://github.com/kubernetes-sigs)
|
||||
@ -93,7 +94,8 @@ Here's a running list of some organizations using GoReleaser[^1]:
|
||||
1. [Uber](https://uber.github.io/)
|
||||
1. [Updatecli](https://updatecli.io/)
|
||||
1. [VMWare](https://www.vmware.com)
|
||||
1. [Weave Works](https://www.weave.works)
|
||||
1. [Weave Works](https://github.com/weaveworks/weave)
|
||||
1. [Zeiss](https://github.com/ZEISS)
|
||||
1. [Zitatel](https://zitadel.com)
|
||||
|
||||
Feel free to [add yours](https://github.com/goreleaser/goreleaser/edit/main/USERS.md)!
|
||||
|
@ -10,7 +10,6 @@ import (
|
||||
"github.com/charmbracelet/lipgloss"
|
||||
"github.com/goreleaser/goreleaser/pkg/context"
|
||||
"github.com/spf13/cobra"
|
||||
cobracompletefig "github.com/withfig/autocomplete-tools/integrations/cobra"
|
||||
)
|
||||
|
||||
var (
|
||||
@ -99,7 +98,6 @@ Check out our website for more information, examples and documentation: https://
|
||||
newDocsCmd().cmd,
|
||||
newManCmd().cmd,
|
||||
newSchemaCmd().cmd,
|
||||
cobracompletefig.CreateCompletionSpecCommand(),
|
||||
)
|
||||
root.cmd = cmd
|
||||
return root
|
||||
|
66
flake.lock
generated
66
flake.lock
generated
@ -1,15 +1,33 @@
|
||||
{
|
||||
"nodes": {
|
||||
"carlos": {
|
||||
"inputs": {
|
||||
"nixpkgs": "nixpkgs"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710248394,
|
||||
"narHash": "sha256-Bj6XxMXWSFDxSGG2MvrPmMb9spc7ckdC/A3SW43dsys=",
|
||||
"owner": "caarlos0",
|
||||
"repo": "nur",
|
||||
"rev": "440df6b32462d6f6dbb7ee830c7135371b1eb468",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "caarlos0",
|
||||
"repo": "nur",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils": {
|
||||
"inputs": {
|
||||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1701680307,
|
||||
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
|
||||
"lastModified": 1710146030,
|
||||
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
|
||||
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -20,11 +38,27 @@
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1707689078,
|
||||
"narHash": "sha256-UUGmRa84ZJHpGZ1WZEBEUOzaPOWG8LZ0yPg1pdDF/yM=",
|
||||
"lastModified": 1710222005,
|
||||
"narHash": "sha256-irXySffHz7b82dZIme6peyAu+8tTJr1zyxcfUPhqUrg=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "9a9a7552431c4f1a3b2eee9398641babf7c30d0e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixpkgs-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1709961763,
|
||||
"narHash": "sha256-6H95HGJHhEZtyYA3rIQpvamMKAGoa8Yh2rFV29QnuGw=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "f9d39fb9aff0efee4a3d5f4a6d7c17701d38a1d8",
|
||||
"rev": "3030f185ba6a4bf4f18b87f345f104e6a6961f34",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -36,25 +70,9 @@
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"carlos": "carlos",
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"staging": "staging"
|
||||
}
|
||||
},
|
||||
"staging": {
|
||||
"locked": {
|
||||
"lastModified": 1703777495,
|
||||
"narHash": "sha256-ISkNWa58+6Uk/nQ47omTETrV+yhKFbnU/wR9n+3ux8g=",
|
||||
"owner": "caarlos0",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "e1d1738a056a052aedb6560c240b2749af33fee0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "caarlos0",
|
||||
"ref": "wip",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
"nixpkgs": "nixpkgs_2"
|
||||
}
|
||||
},
|
||||
"systems": {
|
||||
|
10
flake.nix
10
flake.nix
@ -1,14 +1,14 @@
|
||||
{
|
||||
inputs = {
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
staging.url = "github:caarlos0/nixpkgs/wip";
|
||||
carlos.url = "github:caarlos0/nur";
|
||||
flake-utils.url = "github:numtide/flake-utils";
|
||||
};
|
||||
outputs = { nixpkgs, staging, flake-utils, ... }:
|
||||
outputs = { nixpkgs, carlos, flake-utils, ... }:
|
||||
flake-utils.lib.eachDefaultSystem (system:
|
||||
let
|
||||
pkgs = nixpkgs.legacyPackages.${system};
|
||||
staging-pkgs = staging.legacyPackages.${system};
|
||||
cpkgs = carlos.packages.${system};
|
||||
in
|
||||
{
|
||||
packages.default = pkgs.buildGoModule {
|
||||
@ -41,8 +41,8 @@
|
||||
mkdocs-material
|
||||
mkdocs-redirects
|
||||
mkdocs-minify
|
||||
staging-pkgs.pkgs.python311Packages.mkdocs-rss-plugin # https://github.com/NixOS/nixpkgs/pull/277350
|
||||
staging-pkgs.pkgs.python311Packages.mkdocs-include-markdown-plugin # https://github.com/NixOS/nixpkgs/pull/277351
|
||||
cpkgs.mkdocs-rss-plugin # https://github.com/NixOS/nixpkgs/pull/277350
|
||||
cpkgs.mkdocs-include-markdown-plugin # https://github.com/NixOS/nixpkgs/pull/277351
|
||||
] ++ mkdocs-material.passthru.optional-dependencies.git;
|
||||
};
|
||||
}
|
||||
|
178
go.mod
178
go.mod
@ -15,16 +15,16 @@ require (
|
||||
github.com/caarlos0/go-version v0.1.1
|
||||
github.com/caarlos0/log v0.4.4
|
||||
github.com/charmbracelet/keygen v0.5.0
|
||||
github.com/charmbracelet/lipgloss v0.9.1
|
||||
github.com/charmbracelet/lipgloss v0.10.0
|
||||
github.com/charmbracelet/x/exp/ordered v0.0.0-20231010190216-1cb11efc897d
|
||||
github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589
|
||||
github.com/dghubble/go-twitter v0.0.0-20211115160449-93a8679adecb
|
||||
github.com/dghubble/oauth1 v0.7.3
|
||||
github.com/distribution/distribution/v3 v3.0.0-alpha.1
|
||||
github.com/go-telegram-bot-api/telegram-bot-api v4.6.4+incompatible
|
||||
github.com/google/go-containerregistry v0.19.0
|
||||
github.com/google/go-containerregistry v0.19.1
|
||||
github.com/google/go-github/v59 v59.0.0
|
||||
github.com/google/ko v0.15.1
|
||||
github.com/google/ko v0.15.2
|
||||
github.com/google/uuid v1.6.0
|
||||
github.com/goreleaser/fileglob v1.3.0
|
||||
github.com/goreleaser/nfpm/v2 v2.35.3
|
||||
@ -40,16 +40,15 @@ require (
|
||||
github.com/ory/dockertest/v3 v3.10.0
|
||||
github.com/slack-go/slack v0.12.5
|
||||
github.com/spf13/cobra v1.8.0
|
||||
github.com/stretchr/testify v1.8.4
|
||||
github.com/stretchr/testify v1.9.0
|
||||
github.com/ulikunitz/xz v0.5.11
|
||||
github.com/withfig/autocomplete-tools/integrations/cobra v1.2.1
|
||||
github.com/xanzy/go-gitlab v0.98.0
|
||||
gocloud.dev v0.36.0
|
||||
golang.org/x/crypto v0.20.0
|
||||
golang.org/x/oauth2 v0.17.0
|
||||
github.com/xanzy/go-gitlab v0.100.0
|
||||
gocloud.dev v0.37.0
|
||||
golang.org/x/crypto v0.21.0
|
||||
golang.org/x/oauth2 v0.18.0
|
||||
golang.org/x/sync v0.6.0
|
||||
golang.org/x/text v0.14.0
|
||||
golang.org/x/tools v0.18.0
|
||||
golang.org/x/tools v0.19.0
|
||||
gopkg.in/mail.v2 v2.3.1
|
||||
gopkg.in/yaml.v3 v3.0.1
|
||||
)
|
||||
@ -57,31 +56,40 @@ require (
|
||||
require (
|
||||
github.com/cyphar/filepath-securejoin v0.2.4 // indirect
|
||||
github.com/distribution/reference v0.5.0 // indirect
|
||||
github.com/golang-jwt/jwt/v5 v5.1.0 // indirect
|
||||
github.com/felixge/httpsnoop v1.0.4 // indirect
|
||||
github.com/go-logr/logr v1.4.1 // indirect
|
||||
github.com/go-logr/stdr v1.2.2 // indirect
|
||||
github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
|
||||
github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
|
||||
github.com/sagikazarmark/locafero v0.3.0 // indirect
|
||||
github.com/onsi/gomega v1.29.0 // indirect
|
||||
github.com/sagikazarmark/locafero v0.4.0 // indirect
|
||||
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
|
||||
github.com/secure-systems-lab/go-securesystemslib v0.7.0 // indirect
|
||||
github.com/secure-systems-lab/go-securesystemslib v0.8.0 // indirect
|
||||
github.com/sourcegraph/conc v0.3.0 // indirect
|
||||
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.49.0 // indirect
|
||||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect
|
||||
go.opentelemetry.io/otel v1.24.0 // indirect
|
||||
go.opentelemetry.io/otel/metric v1.24.0 // indirect
|
||||
go.opentelemetry.io/otel/trace v1.24.0 // indirect
|
||||
go.uber.org/multierr v1.11.0 // indirect
|
||||
gopkg.in/go-jose/go-jose.v2 v2.6.1 // indirect
|
||||
gopkg.in/go-jose/go-jose.v2 v2.6.3 // indirect
|
||||
)
|
||||
|
||||
require (
|
||||
cloud.google.com/go v0.110.10 // indirect
|
||||
cloud.google.com/go/compute v1.23.3 // indirect
|
||||
cloud.google.com/go v0.112.1 // indirect
|
||||
cloud.google.com/go/compute v1.25.0 // indirect
|
||||
cloud.google.com/go/compute/metadata v0.2.3 // indirect
|
||||
cloud.google.com/go/iam v1.1.5 // indirect
|
||||
cloud.google.com/go/kms v1.15.5 // indirect
|
||||
cloud.google.com/go/storage v1.35.1 // indirect
|
||||
cloud.google.com/go/iam v1.1.6 // indirect
|
||||
cloud.google.com/go/kms v1.15.7 // indirect
|
||||
cloud.google.com/go/storage v1.39.1 // indirect
|
||||
github.com/AlekSi/pointer v1.2.0 // indirect
|
||||
github.com/Azure/azure-sdk-for-go v68.0.0+incompatible // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.0 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.10.0 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.10.0 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.1 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.2.0 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.3.1 // indirect
|
||||
github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
|
||||
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
|
||||
github.com/Azure/go-autorest/autorest v0.11.29 // indirect
|
||||
@ -92,7 +100,7 @@ require (
|
||||
github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect
|
||||
github.com/Azure/go-autorest/logger v0.2.1 // indirect
|
||||
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
|
||||
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.0 // indirect
|
||||
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect
|
||||
github.com/BurntSushi/toml v1.2.1 // indirect
|
||||
github.com/Masterminds/goutils v1.1.1 // indirect
|
||||
github.com/Masterminds/sprig/v3 v3.2.3 // indirect
|
||||
@ -101,29 +109,29 @@ require (
|
||||
github.com/ProtonMail/go-crypto v1.0.0 // indirect
|
||||
github.com/alessio/shellescape v1.4.1 // indirect
|
||||
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
|
||||
github.com/aws/aws-sdk-go v1.50.10
|
||||
github.com/aws/aws-sdk-go-v2 v1.24.0 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/config v1.26.1 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.16.12 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.10 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.15.7 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.9 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.9 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.7.2 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/v4a v1.2.9 // indirect
|
||||
github.com/aws/aws-sdk-go v1.51.0
|
||||
github.com/aws/aws-sdk-go-v2 v1.25.3 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.1 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/config v1.27.7 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/credentials v1.17.7 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.15.3 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.16.9 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.3 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.3 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.3 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/ecr v1.20.2 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.18.2 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.4 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.2.9 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.9 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.16.9 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/kms v1.27.5 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/s3 v1.47.5 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.18.5 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.5 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.26.5 // indirect
|
||||
github.com/aws/smithy-go v1.19.0 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.1 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.5 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.5 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.3 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/kms v1.29.2 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/s3 v1.51.4 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sso v1.20.2 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.23.2 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.28.4 // indirect
|
||||
github.com/aws/smithy-go v1.20.1 // indirect
|
||||
github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
|
||||
github.com/bahlo/generic-list-go v0.2.0 // indirect
|
||||
github.com/beorn7/perks v1.0.1 // indirect
|
||||
@ -140,9 +148,9 @@ require (
|
||||
github.com/davidmz/go-pageant v1.0.2 // indirect
|
||||
github.com/dghubble/sling v1.4.0 // indirect
|
||||
github.com/dimchansky/utfbom v1.1.1 // indirect
|
||||
github.com/docker/cli v24.0.7+incompatible // indirect
|
||||
github.com/docker/cli v25.0.4+incompatible // indirect
|
||||
github.com/docker/distribution v2.8.3+incompatible // indirect
|
||||
github.com/docker/docker v24.0.7+incompatible // indirect
|
||||
github.com/docker/docker v25.0.3+incompatible // indirect
|
||||
github.com/docker/docker-credential-helpers v0.8.0 // indirect
|
||||
github.com/docker/go-connections v0.4.0 // indirect
|
||||
github.com/docker/go-metrics v0.0.1 // indirect
|
||||
@ -155,35 +163,35 @@ require (
|
||||
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
|
||||
github.com/go-git/go-billy/v5 v5.5.0 // indirect
|
||||
github.com/go-git/go-git/v5 v5.11.0 // indirect
|
||||
github.com/go-openapi/analysis v0.21.4 // indirect
|
||||
github.com/go-openapi/errors v0.20.4 // indirect
|
||||
github.com/go-openapi/jsonpointer v0.20.0 // indirect
|
||||
github.com/go-openapi/jsonreference v0.20.2 // indirect
|
||||
github.com/go-openapi/loads v0.21.2 // indirect
|
||||
github.com/go-openapi/runtime v0.26.0 // indirect
|
||||
github.com/go-openapi/spec v0.20.9 // indirect
|
||||
github.com/go-openapi/strfmt v0.21.7 // indirect
|
||||
github.com/go-openapi/swag v0.22.4 // indirect
|
||||
github.com/go-openapi/validate v0.22.1 // indirect
|
||||
github.com/go-openapi/analysis v0.22.0 // indirect
|
||||
github.com/go-openapi/errors v0.21.0 // indirect
|
||||
github.com/go-openapi/jsonpointer v0.20.2 // indirect
|
||||
github.com/go-openapi/jsonreference v0.20.4 // indirect
|
||||
github.com/go-openapi/loads v0.21.5 // indirect
|
||||
github.com/go-openapi/runtime v0.27.1 // indirect
|
||||
github.com/go-openapi/spec v0.20.13 // indirect
|
||||
github.com/go-openapi/strfmt v0.22.0 // indirect
|
||||
github.com/go-openapi/swag v0.22.9 // indirect
|
||||
github.com/go-openapi/validate v0.22.4 // indirect
|
||||
github.com/gobwas/glob v0.2.3 // indirect
|
||||
github.com/gogo/protobuf v1.3.2 // indirect
|
||||
github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
|
||||
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
|
||||
github.com/golang/protobuf v1.5.3 // indirect
|
||||
github.com/golang/protobuf v1.5.4 // indirect
|
||||
github.com/google/go-querystring v1.1.0 // indirect
|
||||
github.com/google/rpmpack v0.5.0 // indirect
|
||||
github.com/google/s2a-go v0.1.7 // indirect
|
||||
github.com/google/safetext v0.0.0-20220905092116-b49f7bc46da2 // indirect
|
||||
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
|
||||
github.com/google/wire v0.5.0 // indirect
|
||||
github.com/google/wire v0.6.0 // indirect
|
||||
github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
|
||||
github.com/googleapis/gax-go/v2 v2.12.0 // indirect
|
||||
github.com/googleapis/gax-go/v2 v2.12.2 // indirect
|
||||
github.com/goreleaser/chglog v0.5.0 // indirect
|
||||
github.com/gorilla/mux v1.8.1 // indirect
|
||||
github.com/gorilla/websocket v1.5.1 // indirect
|
||||
github.com/hashicorp/errwrap v1.1.0 // indirect
|
||||
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
|
||||
github.com/hashicorp/go-retryablehttp v0.7.4 // indirect
|
||||
github.com/hashicorp/go-retryablehttp v0.7.5 // indirect
|
||||
github.com/hashicorp/go-version v1.6.0 // indirect
|
||||
github.com/hashicorp/hcl v1.0.1-vault-5 // indirect
|
||||
github.com/huandu/xstrings v1.3.3 // indirect
|
||||
@ -199,7 +207,7 @@ require (
|
||||
github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
|
||||
github.com/magiconair/properties v1.8.7 // indirect
|
||||
github.com/mailru/easyjson v0.7.7 // indirect
|
||||
github.com/mattn/go-isatty v0.0.18 // indirect
|
||||
github.com/mattn/go-isatty v0.0.20 // indirect
|
||||
github.com/mattn/go-runewidth v0.0.15 // indirect
|
||||
github.com/mitchellh/copystructure v1.2.0 // indirect
|
||||
github.com/mitchellh/mapstructure v1.5.0 // indirect
|
||||
@ -210,31 +218,31 @@ require (
|
||||
github.com/muesli/reflow v0.3.0 // indirect
|
||||
github.com/oklog/ulid v1.3.1 // indirect
|
||||
github.com/opencontainers/go-digest v1.0.0 // indirect
|
||||
github.com/opencontainers/image-spec v1.1.0-rc5 // indirect
|
||||
github.com/opencontainers/image-spec v1.1.0 // indirect
|
||||
github.com/opencontainers/runc v1.1.12 // indirect
|
||||
github.com/pelletier/go-toml v1.9.5 // indirect
|
||||
github.com/pelletier/go-toml/v2 v2.1.0 // indirect
|
||||
github.com/pjbgf/sha1cd v0.3.0 // indirect
|
||||
github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect
|
||||
github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
|
||||
github.com/pkg/errors v0.9.1 // indirect
|
||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
|
||||
github.com/prometheus/client_golang v1.17.0 // indirect
|
||||
github.com/prometheus/client_golang v1.18.0 // indirect
|
||||
github.com/prometheus/client_model v0.5.0 // indirect
|
||||
github.com/prometheus/common v0.45.0 // indirect
|
||||
github.com/prometheus/procfs v0.12.0 // indirect
|
||||
github.com/rivo/uniseg v0.4.2 // indirect
|
||||
github.com/rivo/uniseg v0.4.7 // indirect
|
||||
github.com/russross/blackfriday/v2 v2.1.0 // indirect
|
||||
github.com/sergi/go-diff v1.2.0 // indirect
|
||||
github.com/shopspring/decimal v1.2.0 // indirect
|
||||
github.com/sigstore/cosign/v2 v2.2.1 // indirect
|
||||
github.com/sigstore/rekor v1.3.3 // indirect
|
||||
github.com/sigstore/sigstore v1.7.5 // indirect
|
||||
github.com/sigstore/cosign/v2 v2.2.3 // indirect
|
||||
github.com/sigstore/rekor v1.3.4 // indirect
|
||||
github.com/sigstore/sigstore v1.8.1 // indirect
|
||||
github.com/sirupsen/logrus v1.9.3 // indirect
|
||||
github.com/skeema/knownhosts v1.2.1 // indirect
|
||||
github.com/spf13/afero v1.10.0 // indirect
|
||||
github.com/spf13/cast v1.5.1 // indirect
|
||||
github.com/spf13/afero v1.11.0 // indirect
|
||||
github.com/spf13/cast v1.6.0 // indirect
|
||||
github.com/spf13/pflag v1.0.5 // indirect
|
||||
github.com/spf13/viper v1.17.0 // indirect
|
||||
github.com/spf13/viper v1.18.2 // indirect
|
||||
github.com/subosito/gotenv v1.6.0 // indirect
|
||||
github.com/technoweenie/multipartstreamer v1.0.1 // indirect
|
||||
github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
|
||||
@ -246,27 +254,27 @@ require (
|
||||
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
|
||||
github.com/xeipuuv/gojsonschema v1.2.0 // indirect
|
||||
gitlab.com/digitalxero/go-conventional-commit v1.0.7 // indirect
|
||||
go.mongodb.org/mongo-driver v1.12.1 // indirect
|
||||
go.mongodb.org/mongo-driver v1.13.1 // indirect
|
||||
go.opencensus.io v0.24.0 // indirect
|
||||
go.uber.org/automaxprocs v1.5.3
|
||||
golang.org/x/exp v0.0.0-20231206192017-f3f8817b8deb
|
||||
golang.org/x/mod v0.15.0 // indirect
|
||||
golang.org/x/net v0.21.0 // indirect
|
||||
golang.org/x/sys v0.17.0 // indirect
|
||||
golang.org/x/term v0.17.0 // indirect
|
||||
golang.org/x/time v0.4.0 // indirect
|
||||
golang.org/x/mod v0.16.0 // indirect
|
||||
golang.org/x/net v0.22.0 // indirect
|
||||
golang.org/x/sys v0.18.0 // indirect
|
||||
golang.org/x/term v0.18.0 // indirect
|
||||
golang.org/x/time v0.5.0 // indirect
|
||||
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
|
||||
google.golang.org/api v0.151.0 // indirect
|
||||
google.golang.org/api v0.169.0 // indirect
|
||||
google.golang.org/appengine v1.6.8 // indirect
|
||||
google.golang.org/genproto v0.0.0-20231120223509-83a465c0220f // indirect
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20231120223509-83a465c0220f // indirect
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20231120223509-83a465c0220f // indirect
|
||||
google.golang.org/grpc v1.59.0 // indirect
|
||||
google.golang.org/protobuf v1.31.0 // indirect
|
||||
google.golang.org/genproto v0.0.0-20240311173647-c811ad7063a7 // indirect
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20240311173647-c811ad7063a7 // indirect
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240311173647-c811ad7063a7 // indirect
|
||||
google.golang.org/grpc v1.62.1 // indirect
|
||||
google.golang.org/protobuf v1.33.0 // indirect
|
||||
gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
|
||||
gopkg.in/ini.v1 v1.67.0 // indirect
|
||||
gopkg.in/warnings.v0 v0.1.2 // indirect
|
||||
gopkg.in/yaml.v2 v2.4.0 // indirect
|
||||
sigs.k8s.io/kind v0.20.0 // indirect
|
||||
sigs.k8s.io/kind v0.22.0 // indirect
|
||||
sigs.k8s.io/yaml v1.4.0 // indirect
|
||||
)
|
||||
|
@ -273,8 +273,19 @@ func withOverrides(ctx *context.Context, build config.Build, options api.Options
|
||||
return build.BuildDetails, nil
|
||||
}
|
||||
|
||||
func buildGoBuildLine(ctx *context.Context, build config.Build, details config.BuildDetails, options api.Options, artifact *artifact.Artifact, env []string) ([]string, error) {
|
||||
cmd := []string{build.GoBinary, build.Command}
|
||||
func buildGoBuildLine(
|
||||
ctx *context.Context,
|
||||
build config.Build,
|
||||
details config.BuildDetails,
|
||||
options api.Options,
|
||||
artifact *artifact.Artifact,
|
||||
env []string,
|
||||
) ([]string, error) {
|
||||
gobin, err := tmpl.New(ctx).WithBuildOptions(options).Apply(build.GoBinary)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
cmd := []string{gobin, build.Command}
|
||||
|
||||
// tags, ldflags, and buildmode, should only appear once, warning only to avoid a breaking change
|
||||
validateUniqueFlags(details)
|
||||
|
@ -342,7 +342,7 @@ func TestBuild(t *testing.T) {
|
||||
folder := testlib.Mktmp(t)
|
||||
writeGoodMain(t, folder)
|
||||
ctx := testctx.NewWithCfg(config.Project{
|
||||
Env: []string{"GO_FLAGS=-v"},
|
||||
Env: []string{"GO_FLAGS=-v", "GOBIN=go"},
|
||||
Builds: []config.Build{
|
||||
{
|
||||
ID: "foo",
|
||||
@ -356,7 +356,7 @@ func TestBuild(t *testing.T) {
|
||||
"linux_mips_softfloat",
|
||||
"linux_mips64le_softfloat",
|
||||
},
|
||||
GoBinary: "go",
|
||||
GoBinary: "{{ .Env.GOBIN }}",
|
||||
Command: "build",
|
||||
BuildDetails: config.BuildDetails{
|
||||
Env: []string{
|
||||
@ -1071,6 +1071,7 @@ func TestBuildGoBuildLine(t *testing.T) {
|
||||
},
|
||||
testctx.WithVersion("1.2.3"),
|
||||
testctx.WithGitInfo(context.GitInfo{Commit: "aaa"}),
|
||||
testctx.WithEnv(map[string]string{"GOBIN": "go"}),
|
||||
)
|
||||
options := api.Options{
|
||||
Path: ctx.Config.Builds[0].Binary,
|
||||
@ -1104,7 +1105,7 @@ func TestBuildGoBuildLine(t *testing.T) {
|
||||
Ldflags: []string{"ldflag1", "ldflag2"},
|
||||
},
|
||||
Binary: "foo",
|
||||
GoBinary: "go",
|
||||
GoBinary: "{{ .Env.GOBIN }}",
|
||||
Command: "build",
|
||||
}, []string{
|
||||
"go", "build",
|
||||
|
@ -4,6 +4,6 @@ package middleware
|
||||
import "github.com/goreleaser/goreleaser/pkg/context"
|
||||
|
||||
// Action is a function that takes a context and returns an error.
|
||||
// It is is used on Pipers, Defaulters and Publishers, although they are not
|
||||
// It is used on Pipers, Defaulters and Publishers, although they are not
|
||||
// aware of this generalization.
|
||||
type Action func(ctx *context.Context) error
|
||||
|
@ -110,7 +110,6 @@ func doRun(ctx *context.Context, aur config.AUR, cl client.ReleaseURLTemplater)
|
||||
artifact.ByGoarch("arm"),
|
||||
artifact.Or(
|
||||
artifact.ByGoarm("7"),
|
||||
artifact.ByGoarm("6"),
|
||||
),
|
||||
),
|
||||
),
|
||||
|
@ -5,7 +5,7 @@ pkgver=1.0.1
|
||||
pkgrel=1
|
||||
pkgdesc='A run pipe test aur and FOO=foo_is_bar'
|
||||
url='https://github.com/goreleaser'
|
||||
arch=('aarch64' 'armv6h' 'armv7h' 'i686' 'x86_64')
|
||||
arch=('aarch64' 'armv7h' 'i686' 'x86_64')
|
||||
license=('MIT')
|
||||
provides=('foo')
|
||||
conflicts=('foo')
|
||||
@ -13,9 +13,6 @@ conflicts=('foo')
|
||||
source_aarch64=("${pkgname}_${pkgver}_aarch64.tar.gz::https://dummyhost/download/v1.0.1/arm64.tar.gz")
|
||||
sha256sums_aarch64=('e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855')
|
||||
|
||||
source_armv6h=("${pkgname}_${pkgver}_armv6h.tar.gz::https://dummyhost/download/v1.0.1/armv6.tar.gz")
|
||||
sha256sums_armv6h=('e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855')
|
||||
|
||||
source_armv7h=("${pkgname}_${pkgver}_armv7h.tar.gz::https://dummyhost/download/v1.0.1/armv7.tar.gz")
|
||||
sha256sums_armv7h=('e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855')
|
||||
|
||||
|
@ -9,9 +9,6 @@ pkgbase = foo-bin
|
||||
arch = aarch64
|
||||
source_aarch64 = https://dummyhost/download/v1.0.1/arm64.tar.gz
|
||||
sha256sums_aarch64 = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
||||
arch = armv6h
|
||||
source_armv6h = https://dummyhost/download/v1.0.1/armv6.tar.gz
|
||||
sha256sums_armv6h = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
||||
arch = armv7h
|
||||
source_armv7h = https://dummyhost/download/v1.0.1/armv7.tar.gz
|
||||
sha256sums_armv7h = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
||||
|
@ -195,14 +195,12 @@ func buildOptionsForTarget(ctx *context.Context, build config.Build, target stri
|
||||
Goamd64: goamd64,
|
||||
}
|
||||
|
||||
if err := tmpl.New(ctx).WithBuildOptions(buildOpts).ApplyAll(
|
||||
&build.Binary,
|
||||
&build.GoBinary,
|
||||
); err != nil {
|
||||
bin, err := tmpl.New(ctx).WithBuildOptions(buildOpts).Apply(build.Binary)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
name := build.Binary + ext
|
||||
name := bin + ext
|
||||
dir := fmt.Sprintf("%s_%s", build.ID, target)
|
||||
if build.NoUniqueDistDir {
|
||||
dir = ""
|
||||
|
@ -153,6 +153,20 @@ func isSupportedTermuxArch(arch string) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
// arch officially only supports x86_64.
|
||||
// however, there are unofficial ports for 686, arm64, and armv7
|
||||
func isSupportedArchlinuxArch(arch, arm string) bool {
|
||||
if arch == "arm" && arm == "7" {
|
||||
return true
|
||||
}
|
||||
for _, a := range []string{"amd64", "arm64", "386"} {
|
||||
if strings.HasPrefix(arch, a) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
func create(ctx *context.Context, fpm config.NFPM, format string, artifacts []*artifact.Artifact) error {
|
||||
// TODO: improve mips handling on nfpm
|
||||
infoArch := artifacts[0].Goarch + artifacts[0].Goarm + artifacts[0].Gomips // key used for the ConventionalFileName et al
|
||||
@ -162,12 +176,19 @@ func create(ctx *context.Context, fpm config.NFPM, format string, artifacts []*a
|
||||
if format == "deb" {
|
||||
infoPlatform = "iphoneos-arm64"
|
||||
} else {
|
||||
log.Debugf("skipping ios for %s as its not supported", format)
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
if format == termuxFormat {
|
||||
if !isSupportedTermuxArch(arch) {
|
||||
switch format {
|
||||
case "archlinux":
|
||||
if !isSupportedArchlinuxArch(artifacts[0].Goarch, artifacts[0].Goarm) {
|
||||
log.Debugf("skipping archlinux for %s as its not supported", arch)
|
||||
return nil
|
||||
}
|
||||
case termuxFormat:
|
||||
if !isSupportedTermuxArch(artifacts[0].Goarch) {
|
||||
log.Debugf("skipping termux.deb for %s as its not supported by termux", arch)
|
||||
return nil
|
||||
}
|
||||
|
@ -389,7 +389,7 @@ func TestRunPipe(t *testing.T) {
|
||||
}
|
||||
require.NoError(t, Pipe{}.Run(ctx))
|
||||
packages := ctx.Artifacts.Filter(artifact.ByType(artifact.LinuxPackage)).List()
|
||||
require.Len(t, packages, 47)
|
||||
require.Len(t, packages, 44)
|
||||
for _, pkg := range packages {
|
||||
format := pkg.Format()
|
||||
require.NotEmpty(t, format)
|
||||
@ -406,7 +406,7 @@ func TestRunPipe(t *testing.T) {
|
||||
}
|
||||
|
||||
ext := "." + format
|
||||
if format != "termux.deb" {
|
||||
if format != termuxFormat {
|
||||
packager, err := nfpm.Get(format)
|
||||
require.NoError(t, err)
|
||||
|
||||
@ -584,7 +584,7 @@ func doTestRunPipeConventionalNameTemplate(t *testing.T, snapshot bool) {
|
||||
}
|
||||
require.NoError(t, Pipe{}.Run(ctx))
|
||||
packages := ctx.Artifacts.Filter(artifact.ByType(artifact.LinuxPackage)).List()
|
||||
require.Len(t, packages, 40)
|
||||
require.Len(t, packages, 37)
|
||||
prefix := "foo"
|
||||
if snapshot {
|
||||
prefix += "-snapshot"
|
||||
|
@ -106,7 +106,7 @@ func (Pipe) Publish(ctx *context.Context) error {
|
||||
if err := doPublish(ctx, c); err != nil {
|
||||
return err
|
||||
}
|
||||
log.WithField("url", ctx.ReleaseURL).Info("published")
|
||||
log.WithField("url", ctx.ReleaseURL).WithField("published", !ctx.Config.Release.Draft).Info("release created/updated")
|
||||
return nil
|
||||
}
|
||||
|
||||
|
@ -20,7 +20,7 @@ import (
|
||||
)
|
||||
|
||||
var (
|
||||
errNoRepoName = pipe.Skip("winget.repository.name name is required")
|
||||
errNoRepoName = pipe.Skip("winget.repository.name is required")
|
||||
errNoPublisher = pipe.Skip("winget.publisher is required")
|
||||
errNoLicense = pipe.Skip("winget.license is required")
|
||||
errNoShortDescription = pipe.Skip("winget.short_description is required")
|
||||
|
@ -775,7 +775,7 @@ type NFPM struct {
|
||||
|
||||
ID string `yaml:"id,omitempty" json:"id,omitempty"`
|
||||
Builds []string `yaml:"builds,omitempty" json:"builds,omitempty"`
|
||||
Formats []string `yaml:"formats,omitempty" json:"formats,omitempty"`
|
||||
Formats []string `yaml:"formats,omitempty" json:"formats,omitempty" jsonschema:"enum=apk,enum=deb,enum=rpm,enum=termux.deb,enum=archlinux"`
|
||||
Section string `yaml:"section,omitempty" json:"section,omitempty"`
|
||||
Priority string `yaml:"priority,omitempty" json:"priority,omitempty"`
|
||||
Vendor string `yaml:"vendor,omitempty" json:"vendor,omitempty"`
|
||||
|
@ -26,8 +26,9 @@ But let us start, with the idea behind Docker Image Manifest.
|
||||
|
||||
## What are Docker Image Manifests?
|
||||
|
||||

|
||||
_[Source](https://ownyourbits.com/2019/05/13/building-docker-containers-in-2019/)_
|
||||

|
||||
|
||||
<!-- _[Source](https://ownyourbits.com/2019/05/13/building-docker-containers-in-2019/)_ doesn't exist anymole -->
|
||||
|
||||
A Docker manifests describe all the layers inside an image.
|
||||
And with the help of the manifest we can exact compare two images, independent
|
||||
@ -59,7 +60,7 @@ This works fine with local images or images stored in a remote registry.
|
||||
docker manifest inspect <image>:<version>
|
||||
```
|
||||
|
||||

|
||||

|
||||
_Example output of the docker manifest inspect command_
|
||||
|
||||
## Multi-Arch Builds and Manifests
|
||||
@ -95,7 +96,7 @@ All you need to do is to add the `docker_manifests` to your `.goreleaser.yaml`.
|
||||
The most important part is to map `name_template` to the `image_templates` you
|
||||
created in the `dockers` step.
|
||||
|
||||

|
||||

|
||||
_Example snippet of a `.gorelaser.yaml`_
|
||||
|
||||
There are some additional flags you can set, e.g. if you have a self-hosted
|
||||
|
@ -395,7 +395,6 @@ GitHub
|
||||
|
||||
### Caveat:
|
||||
|
||||
- I use in cosign not the
|
||||
[keyless](https://github.com/sigstore/cosign/blob/main/KEYLESS.md) approach, as
|
||||
- I use in cosign not the _keyless_ approach, as
|
||||
I am not sure that it will work for **Azure DevOps**. So I generated a keypair
|
||||
and committed the public and private key into the repository.
|
||||
|
@ -105,9 +105,9 @@ To install cosign, you need to add the following line to our GitHub Action workf
|
||||
> $ brew install cosign
|
||||
> ```
|
||||
|
||||
You can start signing your artifacts by creating public/private key pairs with the **generate-key-pair** command. Then, you need to run the **sign** command with the private key you generated. But in today's blog post, we'll be talking about a unique concept in cosign called [Keyless Signing](https://github.com/sigstore/cosign/blob/main/KEYLESS.md), which means that we no longer need to generate public/private key pairs.
|
||||
You can start signing your artifacts by creating public/private key pairs with the **generate-key-pair** command. Then, you need to run the **sign** command with the private key you generated. But in today's blog post, we'll be talking about a unique concept in cosign called _Keyless Signing_, which means that we no longer need to generate public/private key pairs.
|
||||
|
||||
> For more background on **"keyless signing"**, see blog posts on the Chainguard blog on [Fulcio](https://chainguard.dev/posts/2021-11-12-fulcio-deep-dive) and [keyless signing with EKS](https://chainguard.dev/posts/2021-11-03-zero-friction-keyless-signing).
|
||||
> For more background on **"keyless signing"**, see blog posts on the Chainguard blog on [Fulcio](https://www.chainguard.dev/unchained/a-fulcio-deep-dive) and [keyless signing with EKS](https://www.chainguard.dev/unchained/zero-friction-keyless-signing-with-kubernetes).
|
||||
|
||||
It's important to note that another part of sigstore is [Fulcio](https://github.com/sigstore/fulcio),
|
||||
a root CA that issues signing certificates from OIDC tokens, and [Rekor](https://github.com/sigstore/rekor),
|
||||
@ -161,7 +161,8 @@ Once you have all of these, you will end up having something like the following
|
||||
|
||||
Also, a successful release pipeline:
|
||||
|
||||
](https://cdn-images-1.medium.com/max/5084/1*LUmE7iOj-HLkYT-yGoJMnQ.png)[https://github.com/goreleaser/supply-chain-example/runs/4618694011?check_suite_focus=true](https://github.com/goreleaser/supply-chain-example/runs/4618694011?check_suite_focus=true)
|
||||

|
||||
[A GitHub Actions run](https://github.com/goreleaser/goreleaser-example-supply-chain/actions/workflows/release.yml)
|
||||
|
||||
If you verify the container image you pushed to the ghcr.io, a **verify** command of cosign might help you verify the image's signature.
|
||||
|
||||
@ -184,6 +185,6 @@ Verified OK
|
||||
|
||||
GoReleaser always cares about the security of the artifacts it produces this is why it integrates with tools like cosign, Syft, etc., to mitigate the risks happening in software supply chains. As you can see from the examples we gave, it does that effortlessly by simply adding a bunch of new settings to your GoReleaser configuration file, which all happens behind the scenes without making it even more complex.
|
||||
|
||||
> 🍭 BONUS: Another important topic that gives you a confidence about the software’s integrity is [Reproducible Builds](http://reproducible-builds.org), are a set of software development practices that create an independently-verifiable path from source to binary code, thanks to [Carlos A. Becker](undefined), wrote a blogpost to explain it in detail, so, please do not forget to checkout it his blogpost to learn more about how GoReleaser can help you to achieve reproducibility👇
|
||||
> 🍭 BONUS: Another important topic that gives you a confidence about the software’s integrity is [Reproducible Builds](http://reproducible-builds.org), are a set of software development practices that create an independently-verifiable path from source to binary code, thanks to [Carlos A. Becker](https://caarlos0.dev/), wrote a blogpost to explain it in detail, so, please do not forget to checkout it his blogpost to learn more about how GoReleaser can help you to achieve reproducibility👇
|
||||
>
|
||||
> [Here's the link](https://medium.com/goreleaser/reproducible-build-with-goreleaser-6de2763458a5).
|
||||
|
@ -28,6 +28,7 @@ changelog:
|
||||
|
||||
# Sorts the changelog by the commit's messages.
|
||||
# Could either be asc, desc or empty
|
||||
# Empty means 'no sorting', it'll use the output of `git log` as is.
|
||||
sort: asc
|
||||
|
||||
# Max commit hash length to use in the changelog.
|
||||
|
@ -5,40 +5,38 @@ This pipe was designed based on the common [sign](/customization/sign/) pipe
|
||||
having [cosign](https://github.com/sigstore/cosign) in mind.
|
||||
|
||||
!!! info
|
||||
|
||||
Note that this pipe will run only at the end of the GoReleaser execution (in
|
||||
its publishing phase), as cosign will change the image in the registry.
|
||||
|
||||
|
||||
To customize the signing pipeline you can use the following options:
|
||||
|
||||
```yaml
|
||||
# .goreleaser.yml
|
||||
docker_signs:
|
||||
-
|
||||
# ID of the sign config, must be unique.
|
||||
- # ID of the sign config, must be unique.
|
||||
# Only relevant if you want to produce some sort of signature file.
|
||||
#
|
||||
# Default: 'default'
|
||||
id: foo
|
||||
|
||||
# Path to the signature command
|
||||
# Path to the signature command.
|
||||
#
|
||||
# Default: 'cosign'
|
||||
cmd: cosign
|
||||
|
||||
# Command line arguments for the command
|
||||
# Command line arguments for the command.
|
||||
#
|
||||
# Default: ["sign", "--key=cosign.key", "${artifact}@${digest}", "--yes"]
|
||||
# Default: ["sign", "--key=cosign.key", "${artifact}", "--yes"]
|
||||
# Templates: allowed
|
||||
args:
|
||||
- "sign"
|
||||
- "--key=cosign.key"
|
||||
- "--upload=false"
|
||||
- "${artifact}"
|
||||
- "--yes" # needed on cosign 2.0.0+
|
||||
- "sign"
|
||||
- "--key=cosign.key"
|
||||
- "--upload=false"
|
||||
- "${artifact}"
|
||||
- "--yes" # needed on cosign 2.0.0+
|
||||
|
||||
|
||||
# Which artifacts to sign
|
||||
# Which artifacts to sign.
|
||||
#
|
||||
# all: all artifacts
|
||||
# none: no signing
|
||||
@ -56,17 +54,19 @@ docker_signs:
|
||||
# Stdin data to be given to the signature command as stdin.
|
||||
#
|
||||
# Templates: allowed
|
||||
stdin: '{{ .Env.COSIGN_PWD }}'
|
||||
stdin: "{{ .Env.COSIGN_PWD }}"
|
||||
|
||||
# StdinFile file to be given to the signature command as stdin.
|
||||
stdin_file: ./.password
|
||||
|
||||
# List of environment variables that will be passed to the signing command as well as the templates.
|
||||
# List of environment variables that will be passed to the signing command
|
||||
# as well as the templates.
|
||||
env:
|
||||
- FOO=bar
|
||||
- HONK=honkhonk
|
||||
- FOO=bar
|
||||
- HONK=honkhonk
|
||||
|
||||
# By default, the stdout and stderr of the signing cmd are discarded unless GoReleaser is running with `--debug` set.
|
||||
# By default, the stdout and stderr of the signing cmd are discarded unless
|
||||
# GoReleaser is running with `--debug` set.
|
||||
# You can set this to true if you want them to be displayed regardless.
|
||||
#
|
||||
# Since: v1.2
|
||||
@ -77,18 +77,21 @@ docker_signs:
|
||||
|
||||
These environment variables might be available in the fields that are templateable:
|
||||
|
||||
- `${artifact}`: the path to the artifact that will be signed [^1]
|
||||
- `${digest}`: the digest of the image/manifest that will be signed [^2]
|
||||
- `${artifact}`[^1]: the path to the artifact that will be signed (including the
|
||||
digest[^2])
|
||||
- `${digest}`[^2]: the digest of the image/manifest that will be signed
|
||||
- `${artifactID}`: the ID of the artifact that will be signed
|
||||
- `${certificate}`: the certificate file name, if provided
|
||||
|
||||
[^1]: notice that this might contain `/` characters, which depending on how
|
||||
you use it might evaluate to actual paths within the file system. Use with
|
||||
care.
|
||||
[^2]: those are extracted automatically when running Docker push from within
|
||||
GoReleaser. Using the digest helps making sure you're signing the right image
|
||||
and avoid concurrency issues.
|
||||
[^1]:
|
||||
notice that this might contain `/` characters, which depending on how
|
||||
you use it might evaluate to actual paths within the file system. Use with
|
||||
care.
|
||||
|
||||
[^2]:
|
||||
those are extracted automatically when running Docker push from within
|
||||
GoReleaser. Using the digest helps making sure you're signing the right image
|
||||
and avoid concurrency issues.
|
||||
|
||||
## Common usage example
|
||||
|
||||
@ -99,8 +102,8 @@ and manifests would look like this:
|
||||
```yaml
|
||||
# .goreleaser.yml
|
||||
docker_signs:
|
||||
- artifacts: all
|
||||
stdin: '{{ .Env.COSIGN_PWD }}'
|
||||
- artifacts: all
|
||||
stdin: "{{ .Env.COSIGN_PWD }}"
|
||||
```
|
||||
|
||||
Later on you (and anyone else) can verify the image with:
|
||||
|
@ -117,14 +117,11 @@ nix:
|
||||
|
||||
Learn more about the [name template engine](/customization/templates/).
|
||||
|
||||
## Things not yet implemented
|
||||
## Things not supported
|
||||
|
||||
- Generating packages that compile from source (using `buildGoModule`)
|
||||
- Generating packages when `archives.format` is `binary`
|
||||
|
||||
Both issues are in [the radar][iss4034].
|
||||
You're welcome to contribute. 😄
|
||||
|
||||
## Dependencies
|
||||
|
||||
### `nix-prefetch-url`
|
||||
|
@ -678,7 +678,7 @@ This also includes `install.goreleaser.com`.
|
||||
|
||||
Most common tools installed via that website were probably
|
||||
[GoReleaser](/install/) itself and
|
||||
[golangci-lint](https://golangci-lint.run/usage/install/).
|
||||
[golangci-lint](https://golangci-lint.run/welcome/install/).
|
||||
|
||||
Please follow to the check their documentation for alternative install methods.
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user