fix: sign before brew et al (#3012)

Signing might change a file (e.g. gon), so, if sign after we built the brew tap, the checksums won't match. Moving this around a bit should have no negative side-effects (that I'm aware of, that is), and should fix that issue. closes #3010
2025-02-05 13:15:26 +02:00 · 2022-04-01 16:04:47 -03:00 · 2022-04-01 16:04:47 -03:00 · c4a2148e3b
commit c4a2148e3b
parent 71eb7a541a
1 changed files with 3 additions and 3 deletions
--- a/internal/pipeline/pipeline.go
+++ b/internal/pipeline/pipeline.go
@ -75,14 +75,14 @@ var Pipeline = append(
 	sourcearchive.Pipe{}, // archive the source code using git-archive
 	nfpm.Pipe{},          // archive via fpm (deb, rpm) using "native" go impl
 	snapcraft.Pipe{},     // archive via snapcraft (snap)
+	sbom.Pipe{},          // create SBOMs of artifacts
+	checksums.Pipe{},     // checksums of the files
+	sign.Pipe{},          // sign artifacts
 	aur.Pipe{},           // create arch linux aur pkgbuild
 	brew.Pipe{},          // create brew tap
 	gofish.Pipe{},        // create gofish rig
 	krew.Pipe{},          // krew plugins
 	scoop.Pipe{},         // create scoop buckets
-	sbom.Pipe{},          // create SBOMs of artifacts
-	checksums.Pipe{},     // checksums of the files
-	sign.Pipe{},          // sign artifacts
 	docker.Pipe{},        // create and push docker images
 	metadata.Pipe{},      // creates a metadata.json and an artifacts.json files in the dist folder
 	publish.Pipe{},       // publishes artifacts