99afc8d62e
very, very, very WIP implementation of nixpkgs for GoReleaser. **Decisions made for this first version:** - only linux and darwin, arm64, 386 and amd64 - only support pkgs from goreleaser-generated archives - no support to push into default nixpkgs repository - no support to automatically add the _maybe_ new pkg to the root `default.nix` - the generated nixpkg will be rather verbose, which shouldn't be too much of an issue as it is autogenerated anyway **TODOs**: - [x] macos universal binary support - [x] custom pkg path (e.g. pkgs/misc/foo/bar/default.nix) - [x] handle archives with a folder in them - [x] add more options: postInstall, ?? **Will be handled in future versions**: - [ ] archives.format=binary support - [ ] compile from source - [ ] PR-ing into nixpkgs - [ ] armv6l-linux & armv7l-linux support closes #3537 --------- Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
11 KiB
Install
There are two GoReleaser distributions: OSS and Pro.
You can install the pre-compiled binary (in several ways), use Docker or compile from source (when on OSS).
Below you can find the steps for each of them.
Install the pre-compiled binary
homebrew tap
=== "OSS"
bash brew install goreleaser/tap/goreleaser
=== "Pro"
bash brew install goreleaser/tap/goreleaser-pro
homebrew
=== "OSS"
bash brew install goreleaser
!!! info The formula in homebrew-core might be slightly outdated. Use our homebrew tap to always get the latest updates.
snapcraft
=== "OSS"
bash sudo snap install --classic goreleaser
scoop
=== "OSS"
bash scoop bucket add goreleaser https://github.com/goreleaser/scoop-bucket.git scoop install goreleaser
=== "Pro"
bash scoop bucket add goreleaser https://github.com/goreleaser/scoop-bucket.git scoop install goreleaser-pro
apt
=== "OSS"
bash echo 'deb [trusted=yes] https://repo.goreleaser.com/apt/ /' | sudo tee /etc/apt/sources.list.d/goreleaser.list sudo apt update sudo apt install goreleaser
=== "Pro"
bash echo 'deb [trusted=yes] https://repo.goreleaser.com/apt/ /' | sudo tee /etc/apt/sources.list.d/goreleaser.list sudo apt update sudo apt install goreleaser-pro
yum
=== "OSS"
bash echo '[goreleaser] name=GoReleaser baseurl=https://repo.goreleaser.com/yum/ enabled=1 gpgcheck=0' | sudo tee /etc/yum.repos.d/goreleaser.repo sudo yum install goreleaser
=== "Pro"
bash echo '[goreleaser] name=GoReleaser baseurl=https://repo.goreleaser.com/yum/ enabled=1 gpgcheck=0' | sudo tee /etc/yum.repos.d/goreleaser.repo sudo yum install goreleaser-pro
aur
=== "OSS"
bash yay -S goreleaser-bin
=== "Pro"
bash yay -S goreleaser-pro-bin
nix
nixpkgs
=== "OSS"
bash nix-env -iA goreleaser
!!! info The package in nixpkgs might be slightly outdated, as it is not updated automatically. Use our NUR to always get the latest updates.
nur
First, you'll need to add our NUR to your nix configuration. You can follow the guides here.
Once you do that, you can install the packages.
=== "OSS"
nix { pkgs, lib, ... }: { home.packages = with pkgs; [ nur.repos.goreleaser.goreleaser ]; }
=== "Pro"
nix { pkgs, lib, ... }: { home.packages = with pkgs; [ nur.repos.goreleaser.goreleaser-pro ]; }
deb, rpm and apk packages
=== "OSS"
Download the .deb, .rpm or .apk packages from the OSS releases page and install them with the appropriate tools.
=== "Pro"
Download the .deb, .rpm or .apk packages from the Pro releases page and install them with the appropriate tools.
go install
=== "OSS"
bash go install github.com/goreleaser/goreleaser@latest
bash script
=== "OSS"
bash curl -sfL https://goreleaser.com/static/run | bash
=== "Pro"
bash curl -sfL https://goreleaser.com/static/run | DISTRIBUTION=pro bash
=== "Additional Options"
You can also set the VERSION and DISTRIBUTION variables to specify
a version instead of using latest and pro or oss distributions,
respectively.
You can also pass flags and args to GoReleaser:
```bash
curl -sfL https://goreleaser.com/static/run |
VERSION=__VERSION__ DISTRIBUTION=oss bash -s -- check
```
!!! tip This script does not install anything, it just downloads, verifies and runs GoReleaser. Its purpose is to be used within scripts and CIs.
manually
=== "OSS" Download the pre-compiled binaries from the OSS releases page and copy them to the desired location.
=== "Pro" Download the pre-compiled binaries from the Pro releases page and copy them to the desired location.
nightly
Nightly build are pre-releases of the current code into the main branch. Use it for testing out new features only.
manually
=== "Pro" Download the pre-compiled binaries from the [nightly release][nighly-pro-releases] and copy them to the desired location.
bash script
=== "Pro"
bash curl -sfL https://goreleaser.com/static/run | VERSION=nightly DISTRIBUTION=pro bash -s -- release --clean
docker
=== "Pro"
Docker images are also available, look for tags with a -nightly suffix.
Registries:
- [`goreleaser/goreleaser-pro`](https://hub.docker.com/r/goreleaser/goreleaser-pro)
- [`ghcr.io/goreleaser/goreleaser-pro`](https://github.com/goreleaser/goreleaser/pkgs/container/goreleaser-pro)
Verifying the artifacts
binaries
All artifacts are checksummed, and the checksum file is signed with cosign.
=== "OSS"
1. Download the files you want, and the checksums.txt, checksum.txt.pem and checksums.txt.sig files from the releases page:
bash wget 'https://github.com/goreleaser/goreleaser/releases/download/__VERSION__/checksums.txt'
1. Verify the signature:
bash cosign verify-blob \ --certificate-identity 'https://github.com/goreleaser/goreleaser/.github/workflows/release.yml@refs/tags/__VERSION__' \ --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \ --cert 'https://github.com/goreleaser/goreleaser/releases/download/__VERSION__/checksums.txt.pem' \ --signature 'https://github.com/goreleaser/goreleaser/releases/download/__VERSION__/checksums.txt.sig' \ ./checksums.txt
1. If the signature is valid, you can then verify the SHA256 sums match with the downloaded binary:
bash sha256sum --ignore-missing -c checksums.txt
=== "Pro"
1. Download the files you want, and the checksums.txt, checksum.txt.pem and checksums.txt.sig files from the releases page:
bash wget 'https://github.com/goreleaser/goreleaser-pro/releases/download/__VERSION__-pro/checksums.txt'
1. Verify the signature:
bash cosign verify-blob \ --certificate-identity 'https://github.com/goreleaser/goreleaser-pro-internal/.github/workflows/release-pro.yml@refs/tags/__VERSION__-pro' \ --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \ --cert 'https://github.com/goreleaser/goreleaser-pro/releases/download/__VERSION__-pro/checksums.txt.pem' \ --signature 'https://github.com/goreleaser/goreleaser-pro/releases/download/__VERSION__-pro/checksums.txt.sig' \ ./checksums.txt
1. If the signature is valid, you can then verify the SHA256 sums match with the downloaded binary:
bash sha256sum --ignore-missing -c checksums.txt
docker images
Our Docker images are signed with cosign.
Verify the signatures:
=== "OSS"
bash cosign verify \ --certificate-identity 'https://github.com/goreleaser/goreleaser/.github/workflows/release.yml@refs/tags/__VERSION__' \ --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \ goreleaser/goreleaser
=== "Pro"
bash cosign verify \ --certificate-identity 'https://github.com/goreleaser/goreleaser-pro-internal/.github/workflows/release-pro.yml@refs/tags/__VERSION__-pro' \ --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \ goreleaser/goreleaser-pro
!!! info
The .pem and .sig files are the image name:tag, replacing / and : with -.
Running with Docker
You can also use it within a Docker container. To do that, you'll need to execute something more-or-less like the examples below.
=== "OSS" Registries:
- [`goreleaser/goreleaser`](https://hub.docker.com/r/goreleaser/goreleaser)
- [`ghcr.io/goreleaser/goreleaser`](https://github.com/goreleaser/goreleaser/pkgs/container/goreleaser)
Example usage:
```bash
docker run --rm --privileged \
-v $PWD:/go/src/github.com/user/repo \
-v /var/run/docker.sock:/var/run/docker.sock \
-w /go/src/github.com/user/repo \
-e GITHUB_TOKEN \
-e DOCKER_USERNAME \
-e DOCKER_PASSWORD \
-e DOCKER_REGISTRY \
goreleaser/goreleaser release
```
=== "Pro" Registries:
- [`goreleaser/goreleaser-pro`](https://hub.docker.com/r/goreleaser/goreleaser-pro)
- [`ghcr.io/goreleaser/goreleaser-pro`](https://github.com/goreleaser/goreleaser/pkgs/container/goreleaser-pro)
Example usage:
```bash
docker run --rm --privileged \
-v $PWD:/go/src/github.com/user/repo \
-v /var/run/docker.sock:/var/run/docker.sock \
-w /go/src/github.com/user/repo \
-e GITHUB_TOKEN \
-e DOCKER_USERNAME \
-e DOCKER_PASSWORD \
-e DOCKER_REGISTRY \
-e GORELEASER_KEY \
goreleaser/goreleaser-pro release
```
!!! info Now, the provided docker image does not support the generation of snapcraft packages.
Note that the image will almost always have the last stable Go version.
The DOCKER_REGISTRY environment variable can be left empty when you are
releasing to the public docker registry.
If you need more things, you are encouraged to keep your own image. You can always use GoReleaser's own Dockerfile as an example though and iterate from that.
Packaging status
Compiling from source
Here you have two options:
If you want to contribute to the project, please follow the steps on our contributing guide.
If you just want to build from source for whatever reason, follow these steps:
clone:
git clone https://github.com/goreleaser/goreleaser
cd goreleaser
get the dependencies:
go mod tidy
build:
go build -o goreleaser .
verify it works:
./goreleaser --version