github.com/DelineaXPM/dsv-cli@v1.40.6/.goreleaser.yaml (about) 1 --- 2 # INFO: Why is there a _v1 suffix on amd64 builds? https://goreleaser.com/customization/build/#why-is-there-a-_v1-suffix-on-amd64-builds 3 project_name: dsv-cli 4 dist: .artifacts/goreleaser 5 env: 6 - GITHUB_TOKEN={{ if index .Env "GITHUB_TOKEN" }}{{ .Env.GITHUB_TOKEN }}{{else}}''{{end}} 7 - GITLAB_TOKEN='' 8 - GITEA_TOKEN='' 9 - LOCAL_DEBUGGING={{ if index .Env "LOCAL_DEBUGGING" }}{{ .Env.LOCAL_DEBUGGING }}{{else}}{{end}} 10 - QUILL_SIGN_P12={{ if index .Env "QUILL_SIGN_P12" }}{{ .Env.QUILL_SIGN_P12 }}{{else}}{{end}} 11 - QUILL_SIGN_PASSWORD={{ if index .Env "QUILL_SIGN_PASSWORD" }}{{ .Env.QUILL_SIGN_PASSWORD }}{{else}}{{end}} 12 - COSIGN_PASSWORD={{ if index .Env "COSIGN_PASSWORD" }}{{ .Env.COSIGN_PASSWORD }}{{else}}{{end}} 13 - COSIGN_KEY={{ if index .Env "COSIGN_KEY" }}{{ .Env.COSIGN_KEY }}{{else}}{{end}} 14 - DOCKER_CLI_EXPERIMENTAL=enabled 15 - S3_BUCKET={{ if index .Env "S3_BUCKET" }}{{ .Env.S3_BUCKET }}{{else}}{{end}} 16 - S3_KEY_PREFIX={{ if index .Env "S3_KEY_PREFIX" }}{{ .Env.S3_KEY_PREFIX }}{{else}}{{end}} 17 - CGO_ENABLED=0 18 before: 19 hooks: 20 - go mod download 21 builds: 22 - id: build-darwin 23 binary: &build-binary-name-template dsv 24 # dsv-{{ replace .Os "windows" "win" }}-{{ if eq .Arch "386" }}x86{{ else if eq .Arch "amd64" }}x64{{ else }}{{ .Arch }}{{end}} 25 mod_timestamp: '{{ .CommitTimestamp }}' 26 ldflags: &common-ldflags | 27 -s -w 28 -X github.com/DelineaXPM/dsv-cli/version.Version={{.Version}} 29 -X github.com/DelineaXPM/dsv-cli/version.GitCommit={{ .FullCommit }} 30 -X github.com/DelineaXPM/dsv-cli/version.BuildDate={{ .CommitDate }} 31 goos: [darwin] 32 goarch: 33 - amd64 34 - arm64 35 hooks: 36 post: 37 # Quill tool is installed in environment by aqua. 38 - cmd: '{{ if index .Env "QUILL_SIGN_P12_PASSWORD" }}quill sign "{{ .Path }}" --ad-hoc={{ .IsSnapshot }} -vv{{ else }}echo "👉 no QUILL_SIGN_P12_PASSWORD provided so bypassing"{{ end }}' 39 env: 40 - QUILL_LOG_FILE=.cache/quill-{{ .Target }}.log 41 - QUILL_SIGN_P12={{ .Env.QUILL_SIGN_P12 }} 42 - QUILL_SIGN_P12_PASSWORD={{ .Env.QUILL_SIGN_PASSWORD }} 43 - cmd: &hook-sign-blob '{{ if index .Env "COSIGN_PASSWORD" }}cosign sign-blob --key={{.Env.COSIGN_KEY }} --output-signature="{{ .Path }}.sig" --output-file=".cache/cosign-{{ .Target }}.log" --verbose --yes "{{ .Path }}" {{ else }}echo "👉 no COSIGN_PASSWORD provided so bypassing"{{ end }}' 44 env: 45 - COSIGN_KEY={{ .Env.COSIGN_KEY }} 46 - COSIGN_PASSWORD={{ .Env.COSIGN_PASSWORD }} 47 - id: build-linux 48 binary: *build-binary-name-template 49 mod_timestamp: '{{ .CommitTimestamp }}' 50 ldflags: *common-ldflags 51 goos: [linux] 52 goarch: 53 - amd64 54 - '386' 55 hooks: 56 post: 57 - cmd: *hook-sign-blob 58 env: 59 - COSIGN_KEY={{ .Env.COSIGN_KEY }} 60 - COSIGN_PASSWORD={{ .Env.COSIGN_PASSWORD }} 61 - id: build-windows 62 binary: *build-binary-name-template 63 mod_timestamp: '{{ .CommitTimestamp }}' 64 ldflags: *common-ldflags 65 goos: [windows] 66 goarch: 67 - amd64 68 - '386' 69 hooks: 70 post: 71 - cmd: *hook-sign-blob 72 env: 73 - COSIGN_KEY={{ .Env.COSIGN_KEY }} 74 - COSIGN_PASSWORD={{ .Env.COSIGN_PASSWORD }} 75 archives: 76 # Name template is: 'dsv-{{ .Os }}-{{ .Arch }}', 77 # but we replace: 78 # - "windows" with "win" 79 # - "386" with "x86" 80 # - "amd64" with "x64" 81 # Example: "build-windows-amd64.exe" -> "dsv-win-x64.exe" 82 # - id: archives 83 # builds: 84 # - build-darwin 85 # - build-linux 86 # - build-windows 87 # name_template: dsv-{{ replace .Os "windows" "win" }}-{{ if eq .Arch "386" }}x86{{ else }}{{ .Arch }}{{end}} 88 # files: 89 # - dsv 90 # - '.artifacts/goreleaser/*.sig' 91 92 - format: binary 93 id: archive-binary-darwin 94 name_template: &artifact-build-name dsv-{{ replace .Os "windows" "win" }}-{{ if eq .Arch "386" }}x86{{ else if eq .Arch "amd64" }}x64{{ else }}{{ .Arch }}{{end}} 95 builds: 96 - build-darwin 97 - format: binary 98 id: archive-binary-linux 99 name_template: *artifact-build-name 100 builds: 101 - build-linux 102 - format: binary 103 id: archive-binary-windows 104 name_template: *artifact-build-name 105 builds: 106 - build-windows 107 - format: zip 108 id: archive-zip-windows 109 name_template: *artifact-build-name 110 builds: 111 - build-windows 112 checksum: 113 name_template: checksums-sha256.txt 114 algorithm: sha256 115 disable: false 116 117 release: 118 prerelease: auto 119 draft: false 120 mode: replace 121 skip_upload: false 122 replace_existing_draft: true 123 name_template: '{{.ProjectName}}-v{{.Version}}' 124 extra_files: 125 - glob: .artifacts/goreleaser/**/*.sig 126 - glob: .artifacts/cli-version.json 127 128 sboms: 129 - artifacts: binary 130 id: sbom-binaries 131 documents: 132 - '{{ .Binary }}-{{ .Os }}-{{ .Arch }}.sbom.json' 133 #- '${artifact}.{{.Runtime.Goos}}.{{.Runtime.Goarch}}.spdx.json' 134 changelog: 135 skip: false 136 sort: asc 137 use: github 138 groups: 139 - title: Features 140 regexp: "^.*feat[(\\w)]*:+.*$" 141 order: 0 142 - title: 'Fixes' 143 regexp: "^.*fix[(\\w)]*:+.*$" 144 order: 1 145 - title: 'CI & Chore' 146 regexp: "^.*(fix|chore|build)[(\\w)]*:+.*$" 147 order: 2 148 - title: Others 149 order: 999 150 filters: 151 exclude: 152 - '^docs:' 153 - '^test:' 154 - '^style:' 155 blobs: 156 # Binaries, signatures, and SBOMs 157 - provider: s3 158 region: us-east-1 159 disableSSL: true 160 bucket: '{{ .Env.S3_BUCKET }}' 161 folder: '{{ .Env.S3_KEY_PREFIX }}/{{.Version}}' 162 extra_files: 163 - glob: .artifacts/goreleaser/**/*.sig 164 165 brews: 166 - name: dsv-cli 167 ids: 168 - archive-binary-linux 169 - archive-binary-darwin 170 tap: 171 owner: DelineaXPM 172 name: homebrew-tap 173 branch: main 174 token: '{{ .Env.GITHUB_TOKEN }}' 175 download_strategy: CurlDownloadStrategy 176 commit_author: 177 name: goreleaserbot 178 email: bot@goreleaser.com 179 commit_msg_template: 'Brew formula update for {{ .ProjectName }} version {{ .Tag }}' 180 folder: Formula 181 homepage: 'https://github.com/DelineaXPM/dsv-cli' 182 description: '⚡ A cross-platform swiss army knife tool for DevOps secrets management from Delinea.' 183 license: 'Apache-2.0 license' 184 skip_upload: '{{ if .IsSnapshot }}true{{else}}false{{end}}' 185 dependencies: 186 - name: git 187 conflicts: [] 188 test: | 189 assert_equal "{{.Version}}", shell_output("#{bin}/dsv --version").strip 190 191 scoop: 192 bucket: 193 owner: DelineaXPM 194 name: scoop-bucket 195 branch: main 196 commit_author: 197 name: goreleaserbot 198 email: bot@goreleaser.com 199 homepage: 'https://github.com/DelineaXPM/dsv-cli' 200 description: '⚡ A cross-platform swiss army knife tool for DevOps secrets management from Delinea.' 201 license: 'Apache-2.0 license' 202 skip_upload: '{{ if .IsSnapshot }}true{{else}}false{{end}}' 203 204 snapcrafts: 205 - id: dsv-cli-snap 206 builds: 207 - build-linux #'{{ if (eq .Runtime.Goos "linux") }}build-linux{{else}}{{end}}' 208 name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}' 209 name: dsv-cli 210 # must run snapcraft login first 211 publish: true 212 summary: '⚡ A cross-platform swiss army knife tool for DevOps secrets management from Delinea.' 213 description: | 214 The DSV CLI is a cross-platform swiss army knife tool for DevOps secrets management from Delinea. 215 It is designed to be a simple, yet powerful, tool for managing secrets in a variety of 216 environments. It is designed to be used in CI/CD pipelines, as well as locally on developer 217 machines. 218 grade: stable 219 confinement: strict 220 license: Apache-2.0 221 apps: 222 # The name of the app must be the same name as the binary built or the snapcraft name. 223 dsv-cli: 224 # https://snapcraft.io/docs/home-interface 225 plugs: ['network'] # removed home, and personal-files as these would persist outside the snap but require special approval. Instead all the data will be contained the snap environment itself. 226 command: dsv 227 228 # SNAP DOCS: 229 # https://snapcraft.io/docs/environment-variables 230 # For non-classic snaps, this environment variable is re-written to SNAP_USER_DATA by snapd so that each snap appears to have a dedicated home directory that is a subdirectory of the real home directory. 231 # args: --config 'SNAP_USER_COMMON/.dsv.yml' 232 # aliases: ['dsv'] 233 # as a result, no plugs for home should be required 234 # plugs: 235 # personal-files: 236 # read: 237 # - $HOME/.dsv.yml 238 # - $HOME/.thy 239 # write: 240 # - $HOME/.dsv.yml 241 # - $HOME/.thy 242 dockers: 243 - id: docker-publish-cli 244 ids: [build-linux] 245 goos: linux 246 image_templates: 247 - '{{ if index .Env "DOCKER_ORG" }}{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:{{ .Tag }}{{ end }}' 248 - '{{ if index .Env "DOCKER_ORG" }}{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:latest{{ end }}' 249 skip_push: false 250 dockerfile: ./docker/Dockerfile.dsv.chainguard 251 use: buildx 252 build_flag_templates: 253 - --platform=linux/amd64 254 - --label=org.opencontainers.image.created={{.Date}} 255 - --label=org.opencontainers.image.title={{ .ProjectName }} 256 - --label=org.opencontainers.image.revision={{ .FullCommit }} 257 - --label=org.opencontainers.image.version={{.Version}} 258 # local builds 259 - id: docker-publish-local 260 ids: [build-linux] 261 goos: linux 262 image_templates: 263 - '{{ .ProjectName }}:{{ .Tag }}' 264 - '{{ .ProjectName }}:latest' # This one is for dev usage so latest version, no tagged semver required in docker compose or local testing 265 skip_push: true 266 dockerfile: ./docker/Dockerfile.dsv.chainguard 267 use: buildx 268 build_flag_templates: 269 - --platform=linux/amd64 270 - --label=org.opencontainers.image.created={{.Date}} 271 - --label=org.opencontainers.image.title={{ .ProjectName }} 272 - --label=org.opencontainers.image.revision={{ .FullCommit }} 273 - --label=org.opencontainers.image.version={{.Version}} 274 - --label=org.opencontainers.image.version="{{ .Tag }}"