From cffd2149cd261edce6c591767a893103cde39563 Mon Sep 17 00:00:00 2001 From: Even Holthe Date: Wed, 31 Jul 2024 09:07:14 +0200 Subject: [PATCH] Add Goreleaser --- .github/workflows/goreleaser.yaml | 51 ++++++++++++++++++++ .goreleaser.yaml | 78 +++++++++++++++++++++++++++++-- Makefile | 5 +- 3 files changed, 127 insertions(+), 7 deletions(-) create mode 100644 .github/workflows/goreleaser.yaml diff --git a/.github/workflows/goreleaser.yaml b/.github/workflows/goreleaser.yaml new file mode 100644 index 0000000..29d6d75 --- /dev/null +++ b/.github/workflows/goreleaser.yaml @@ -0,0 +1,51 @@ +name: goreleaser + +on: + push: + tags: + - '*' + +permissions: + contents: write + packages: write + id-token: write # needed for signing the images with GitHub OIDC Token + actions: read + +jobs: + goreleaser: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - run: git fetch --force --tags + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: stable + + - name: Log into GHCR registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Install Cosign + uses: sigstore/cosign-installer@v3.5.0 + + - name: Install Syft for SBOM Generation + shell: bash + run: curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin + + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@v6 + with: + distribution: goreleaser + version: '~> v2' + args: release --clean + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.goreleaser.yaml b/.goreleaser.yaml index 8f4f968..73d4b91 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -22,9 +22,15 @@ builds: ignore: - goos: darwin goarch: i386 + tags: + - osusergo + - netgo archives: - format: tar.gz + files: + - readme.md + - server.md # this name template makes the OS and Arch compatible with the results of `uname`. name_template: >- {{ .ProjectName }}_ @@ -38,9 +44,73 @@ archives: - goos: windows format: zip +dockers: + - image_templates: + - "ghcr.io/kartverket/skipctl:{{ .Tag }}-linux-amd64" + use: buildx + build_flag_templates: + - "--pull" + - "--platform=linux/amd64" + goos: linux + goarch: amd64 + - image_templates: + - "ghcr.io/kartverket/skipctl:{{ .Tag }}-linux-arm64" + use: buildx + build_flag_templates: + - "--pull" + - "--platform=linux/arm64" + goos: linux + goarch: arm64 + - image_templates: + - "ghcr.io/kartverket/skipctl:{{ .Tag }}-darwin-arm64" + use: buildx + build_flag_templates: + - "--pull" + - "--platform=darwin/arm64" + goos: darwin + goarch: arm64 + - image_templates: + - "ghcr.io/kartverket/skipctl:{{ .Tag }}-darwin-amd64" + use: buildx + build_flag_templates: + - "--pull" + - "--platform=darwin/amd64" + goos: darwin + goarch: amd64 + +docker_manifests: + - name_template: "ghcr.io/kartverket/skipctl:{{ .Tag }}" + image_templates: + - "ghcr.io/kartverket/skipctl:{{ .Tag }}-linux-arm64" + - "ghcr.io/kartverket/skipctl:{{ .Tag }}-linux-amd64" + - "ghcr.io/kartverket/skipctl:{{ .Tag }}-darwin-arm64" + - "ghcr.io/kartverket/skipctl:{{ .Tag }}-darwin-amd64" + +docker_signs: + - artifacts: all + cmd: cosign + args: + - "sign" + - "--oidc-issuer=https://token.actions.githubusercontent.com" + - "${artifact}" + - "--yes" + +signs: + - artifacts: all + cmd: cosign + signature: "${artifact}.sig" + args: + - "sign-blob" + - "--oidc-issuer=https://token.actions.githubusercontent.com" + - "--output-signature=${signature}" + - "${artifact}" + - "--yes" + +sboms: + - artifacts: archive + +checksum: + name_template: "checksums.txt" + changelog: sort: asc - filters: - exclude: - - "^docs:" - - "^test:" diff --git a/Makefile b/Makefile index ab55da9..2583360 100644 --- a/Makefile +++ b/Makefile @@ -32,9 +32,8 @@ debug: .PHONY: build build: lint test proto-lint generate - go build -trimpath -ldflags="-s -w -X 'main.GitCommitHash=$(version)'" + go build -tags osusergo,netgo -trimpath -ldflags="-s -w -X 'main.GitCommitHash=$(version)'" .PHONY: build-nolint build-nolint: test proto-lint generate - go build -trimpath -ldflags="-s -w -X 'main.GitCommitHash=$(version)'" - + go build -tags osusergo,netgo -trimpath -ldflags="-s -w -X 'main.GitCommitHash=$(version)'"