- log keys will be ordered as intended instead of sorted
- paths always relative to cwd
---------
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
this adds a new root-level `upx` config, so users can pack their
binaries with upx :)
---------
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
This brings the scoops feature a bit more closer to similar pipes, like
brew and krew.
- It now supports multiple scoops
- It improves some validations to prevent wrong manifests
- It uses extra.binaries instead of extra.builds, as brew does too
- extra.builds is now unused, will be removed in a subsequent PR
- More tests were added as well
closes#3941
---------
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
basically redoing #3559 as it got impossible to merge with the many
changes since it was open (which is totally my fault for not merging it
earlier).
Anyhow, still a WIP, going also doing some other related improvements in
the way.
cc/ @graytonio
closes#3559closes#3525
---------
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Co-authored-by: Grayton Ward <graytonio.ward@gmail.com>
This adds a log with the size of the generated binaries/packages/etc in
the end of the build process, and also adds it to the artifacts.json
closes#3949
TODO:
- [x] tests
- [x] docs
- [ ] ??
---------
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Bumps
[github.com/charmbracelet/keygen](https://github.com/charmbracelet/keygen)
from 0.3.0 to 0.4.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/charmbracelet/keygen/releases">github.com/charmbracelet/keygen's
releases</a>.</em></p>
<blockquote>
<h2>v0.4.1</h2>
<h2>Changelog</h2>
<h3>Bug fixes</h3>
<ul>
<li>ba5b3746062cbc051702c188911f44c1e2b5c986: fix: don't trim key path
(<a
href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a>)</li>
</ul>
<hr />
<p><!-- raw HTML omitted --><!-- raw HTML omitted --><!-- raw HTML
omitted --></p>
<p>Thoughts? Questions? We love hearing from you. Feel free to reach out
on <a href="https://twitter.com/charmcli">Twitter</a>, <a
href="https://mastodon.technology/@charm">The Fediverse</a>, or on <a
href="https://charm.sh/chat">Discord</a>.</p>
<h2>v0.4.0</h2>
<h1>Breaking Change</h1>
<ul>
<li>Keygen no longer appends the key type to the file path.</li>
<li>Use functional options to specify key type, passphrase, and other
options.</li>
<li><code>PrivateKeyPEM</code> is now <code>RawPrivateKey</code></li>
<li><code>RawProtectedPrivateKey</code> returns the password protected
PEM encoded private key.</li>
<li><code>PublicKey</code> is now <code>RawAuthorizedKey</code>.</li>
<li><code>AuthorizedKey</code> returns the authorized key stripped out
of comments and options (the ssh pubic key only).</li>
<li><code>PrivateKey</code> now returns the underlying
<code>crypto.PrivateKey</code></li>
<li>Use <code>Signer</code> to get an <code>ssh.Signer</code> from your
key pair.</li>
</ul>
<h2>Changelog</h2>
<h3>New Features</h3>
<ul>
<li>ab32d1ae447e5d74a47dd64ec2e75d0a827ccc9b: feat(ci): add workflows
and goreleaser (<a
href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a>)</li>
<li>6ed037835403e5da4a2aa10e5c8568ff4a3bad41: feat: add more tests (<a
href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a>)</li>
<li>37c7434ac69d79048521a7e4bfa0f9dfbb0c1f23: feat: bump dependencies
(<a
href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a>)</li>
<li>8d80e760657463eda55e2f0c773ed3fe3b3e3b08: feat: return ssh.Signer
(<a
href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a>)</li>
<li>6c0cbbb70022377d611d25d98836e016b2c145a5: feat: specify ECDSA
elliptic curve (<a
href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>30d86a9582001686d63de3f79e4e90a7b6a62a9e: fix: update x/crypto (<a
href="https://redirect.github.com/charmbracelet/keygen/issues/8">#8</a>)
(<a href="https://github.com/caarlos0"><code>@caarlos0</code></a>)</li>
</ul>
<h3>Documentation updates</h3>
<ul>
<li>eef068dedc6af24e8eda0c99db3a03c988b46cff: docs: new readme footer
(<a href="https://github.com/muesli"><code>@muesli</code></a>)</li>
<li>f7556041d69b45aef018df2269d29e6d018ae6cc: docs: update example in
readme (<a
href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a>)</li>
</ul>
<h3>Other work</h3>
<ul>
<li>472a463d0e8df9e768b350d75ee57a8c9baf69d6: ref: change api to expose
ssh.PublicKey and authorizd_key (<a
href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a>)</li>
</ul>
<hr />
<p><!-- raw HTML omitted --><!-- raw HTML omitted --><!-- raw HTML
omitted --></p>
<p>Thoughts? Questions? We love hearing from you. Feel free to reach out
on <a href="https://twitter.com/charmcli">Twitter</a>, <a
href="https://mastodon.technology/@charm">The Fediverse</a>, or on <a
href="https://charm.sh/chat">Discord</a>.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ba5b374606"><code>ba5b374</code></a>
fix: don't trim key path</li>
<li><a
href="6ed0378354"><code>6ed0378</code></a>
feat: add more tests</li>
<li><a
href="6c0cbbb700"><code>6c0cbbb</code></a>
feat: specify ECDSA elliptic curve</li>
<li><a
href="8d80e76065"><code>8d80e76</code></a>
feat: return ssh.Signer</li>
<li><a
href="3dbbf0ca45"><code>3dbbf0c</code></a>
chore: go mod tidy</li>
<li><a
href="37c7434ac6"><code>37c7434</code></a>
feat: bump dependencies</li>
<li><a
href="472a463d0e"><code>472a463</code></a>
ref: change api to expose ssh.PublicKey and authorizd_key</li>
<li><a
href="30d86a9582"><code>30d86a9</code></a>
fix: update x/crypto (<a
href="https://redirect.github.com/charmbracelet/keygen/issues/8">#8</a>)</li>
<li><a
href="eef068dedc"><code>eef068d</code></a>
docs: new readme footer</li>
<li><a
href="f7556041d6"><code>f755604</code></a>
docs: update example in readme</li>
<li>Additional commits viewable in <a
href="https://github.com/charmbracelet/keygen/compare/v0.3.0...v0.4.1">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/charmbracelet/keygen&package-manager=go_modules&previous-version=0.3.0&new-version=0.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
This now works for files added to the source archive **after** the `git
archive` command is run. During the `git archive`, it seems that the
`tar` is still using some format that doesn't support utf-8 by default.
Tomorrow I'll look more into it.
see https://pkg.go.dev/archive/tar#Formatcloses#3812
---------
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
Co-Authored-By: Mohammed Al Sahaf <msaa1990@gmail.com>
Add extension to produced artifacts so that they can be filtered in
later steps
Fixes#3933
Co-authored-by: Carlos A Becker <caarlos0@users.noreply.github.com>
its too hard to debug docker build issues... sometimes is just a typo in
the binary name, and you might end debugging it for way too long...
this prints the full path to the build context (so, locally at least,
you can cd into it) and also all the files available there when the
error seems to be one of the "file not found" kind.
Hopefully this helps fixing things easier :)
closes#3912
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
This reverts back to using `git archive` for the source archives... but
will keep supporting extra files.
##### How it works:
Basically, we run `git archive` as before.
Then, we make a backup of the generated archive, and create a new one
copying by reading from the backup and writing into the new one.
Finally, we write the extra files to the new one as well.
This only happens if the configuration does have extra files, otherwise,
just the simple `git archive` will be run.
PS: we can't just append to the archive because weird tar format
paddings et al.
---------
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
closes#3485
also fixed a bug in file creation for github: it was always searching
for the file in the default branch
also, we don't need to create the file first, update does both create
and update.
TODO: implement the for krew, scoop, etc...
---------
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
This would allow to, when multiple tokens are set in the environment,
force which one you want to use.
The need for this comes from the fact gitea sets both `GITHUB_TOKEN` and
`GITEA_TOKEN`, and doesn't allow to easily disable either.
With this, users can add a `GORELEASER_FORCE_TOKEN=gitea` to force the
gitea client to be used.
I'm not sure what's the best name for this env yet, happy to hear
suggestions.
Also improved the `env_test.go` file a bit, as it was kinda messy with
env vars...
refs https://github.com/orgs/goreleaser/discussions/3900
---------
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
Fixes issue #3890 by checking the user's git `gpg.program`
configuration. If the user didn't set this value it will use the default
"gpg", just like before this PR.
No need to add a additional unit test as your existing tests cover it
(mostly); however, a comment has been added to that check, informing the
reader that the test environment assumes `git config gpg.program` is not
be set.
<!--
Hi, thanks for contributing!
Please make sure you read our CONTRIBUTING guide.
Also, add tests and the respective documentation changes as well.
-->
<!-- If applied, this commit will... -->
This commit will fix bad version tag sort if there is a prerelease on
the same commit as a release tag. Current output is shown below
```
❯ git tag --points-at HEAD --sort=-version:refname --format='%(creatordate)%09%(refname)'
Thu Mar 2 21:38:51 2023 +0300 refs/tags/v1.13.0-rc3
Thu Mar 2 21:38:51 2023 +0300 refs/tags/v1.13.0
```
Test is changed to match current default value so it will fail without
this fix.
Default value `-` is set to the one that is described inside
[docs](https://goreleaser.com/how-it-works/?h=prerelease#how-it-works),
but people are still allowed to change it.
Output with fix applied
```
❯ git -c versionsort.suffix=- tag --points-at HEAD --sort -version:refname --format='%(creatordate)%09%(refname)'
Thu Mar 2 21:38:51 2023 +0300 refs/tags/v1.13.0
Thu Mar 2 21:38:51 2023 +0300 refs/tags/v1.13.0-rc3
```
<!-- # Provide links to any relevant tickets, URLs or other resources
-->
More info about `versionsort.suffix` can be found
[here](https://github.com/git/git/blob/master/Documentation/config/versionsort.txt#L5)
Docs as well both schemas are updated as well.
I am not sure if users should be allowed to change this option at all.
here's an idea: `goreleaser healthcheck`
It'll check if the needed dependencies (docker, git, etc) are available
in the path... this way users can preemptively run it before releasing
or to debug issues.
What do you think?
Here's how it looks like:
<img width="1007" alt="CleanShot 2023-03-02 at 23 24 26@2x"
src="https://user-images.githubusercontent.com/245435/222615682-d9cd0733-d900-43d1-9166-23b2be589b3a.png">
---------
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
If all other strategies fail, try to infer the `package_name` property
from the `go.mod` file, using its last segment as the actual package
name.
This is not perfect, but usually this will only be used when running
against a new project, with no git url, empty/default config, etc... so,
in reality, it'll rarely be used.
closes#3825
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
Creating the temp dir for docker builds was required back in the day
because we symlinked the files, so to avoid different filesystems et al,
this was the easier solution.
Since many versions ago, we switched to copying the files instead, which
works a lot better.
This also means we don't need the dist check for extra files anymore, as
long as we create the temp outside dist.
All that said, this PR does 2 things:
- changes the docker pipe to create the dist in the user's tempdir
instead of dist
- removes the dist path check for docker's extra files
closes#3790closes#3791
cosign v2 update!
- need to use `--yes` to auto-approve prompts
cc/ @cpanato anything else I'm missing?
---------
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
alternative to #3806
the idea is that both `context.New` and `context.Context{}` are never
used in tests.
not sure yet how much I like it, so far code does look a bit more
readable though.
---------
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
it was forcing to provide the same information as env and yaml.
this should fix it.
---------
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>