github.com/khulnasoft/trivy@v0.48.1-0.20231207234930-27df843a75e0/goreleaser.yml (about) 1 project_name: trivy 2 builds: 3 - id: build-linux 4 main: cmd/trivy/main.go 5 binary: trivy 6 ldflags: 7 - -s -w 8 - "-extldflags '-static'" 9 - -X github.com/khulnasoft/trivy/pkg/version.ver={{.Version}} 10 env: 11 - CGO_ENABLED=0 12 goos: 13 - linux 14 goarch: 15 - 386 16 - arm 17 - amd64 18 - arm64 19 - s390x 20 - ppc64le 21 goarm: 22 - 7 23 - id: build-bsd 24 main: cmd/trivy/main.go 25 binary: trivy 26 ldflags: 27 - -s -w 28 - "-extldflags '-static'" 29 - -X github.com/khulnasoft/trivy/pkg/version.ver={{.Version}} 30 env: 31 - CGO_ENABLED=0 32 goos: 33 - freebsd 34 goarch: 35 # modernc.org/sqlite doesn't support freebsd/arm64, etc. 36 - 386 37 - amd64 38 - id: build-macos 39 main: cmd/trivy/main.go 40 binary: trivy 41 ldflags: 42 - -s -w 43 - "-extldflags '-static'" 44 - -X github.com/khulnasoft/trivy/pkg/version.ver={{.Version}} 45 env: 46 - CGO_ENABLED=0 47 goos: 48 - darwin 49 goarch: 50 - amd64 51 - arm64 52 goarm: 53 - 7 54 - id: build-windows 55 main: cmd/trivy/main.go 56 binary: trivy 57 ldflags: 58 - -s -w 59 - "-extldflags '-static'" 60 - -X github.com/khulnasoft/trivy/pkg/version.ver={{.Version}} 61 env: 62 - CGO_ENABLED=0 63 goos: 64 - windows 65 goarch: 66 # modernc.org/sqlite doesn't support windows/386 and windows/arm, etc. 67 - amd64 68 goarm: 69 - 7 70 71 release: 72 extra_files: 73 - glob: ./bom.json 74 discussion_category_name: Announcements 75 76 nfpms: 77 - 78 formats: 79 - deb 80 - rpm 81 vendor: "khulnasoft" 82 homepage: "https://github.com/khulnasoft" 83 maintainer: "Teppei Fukuda <knqyf263@gmail.com>" 84 description: "A Fast Vulnerability Scanner for Containers" 85 license: "Apache-2.0" 86 file_name_template: >- 87 {{ .ProjectName }}_{{ .Version }}_ 88 {{- if eq .Os "darwin" }}macOS 89 {{- else if eq .Os "openbsd" }}OpenBSD 90 {{- else if eq .Os "netbsd" }}NetBSD 91 {{- else if eq .Os "freebsd" }}FreeBSD 92 {{- else if eq .Os "dragonfly" }}DragonFlyBSD 93 {{- else}}{{- title .Os }}{{ end }}- 94 {{- if eq .Arch "amd64" }}64bit 95 {{- else if eq .Arch "386" }}32bit 96 {{- else if eq .Arch "arm" }}ARM 97 {{- else if eq .Arch "arm64" }}ARM64 98 {{- else if eq .Arch "ppc64le" }}PPC64LE 99 {{- else }}{{ .Arch }}{{ end }} 100 contents: 101 - src: contrib/*.tpl 102 dst: /usr/local/share/trivy/templates 103 rpm: 104 signature: 105 key_file: '{{ .Env.GPG_FILE }}' 106 107 archives: 108 - id: archive 109 format: tar.gz 110 name_template: >- 111 {{ .ProjectName }}_{{ .Version }}_ 112 {{- if eq .Os "darwin" }}macOS 113 {{- else if eq .Os "linux" }}Linux 114 {{- else if eq .Os "openbsd" }}OpenBSD 115 {{- else if eq .Os "netbsd" }}NetBSD 116 {{- else if eq .Os "freebsd" }}FreeBSD 117 {{- else if eq .Os "dragonfly" }}DragonFlyBSD 118 {{- else}}{{- .Os }}{{ end }}- 119 {{- if eq .Arch "amd64" }}64bit 120 {{- else if eq .Arch "386" }}32bit 121 {{- else if eq .Arch "arm" }}ARM 122 {{- else if eq .Arch "arm64" }}ARM64 123 {{- else if eq .Arch "ppc64le" }}PPC64LE 124 {{- else }}{{ .Arch }}{{ end }} 125 files: 126 - README.md 127 - LICENSE 128 - contrib/*.tpl 129 format_overrides: 130 - goos: windows 131 format: zip 132 133 134 brews: 135 - 136 repository: 137 owner: khulnasoft 138 name: homebrew-trivy 139 homepage: "https://github.com/khulnasoft/trivy" 140 description: "Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues" 141 test: | 142 system "#{bin}/trivy", "--version" 143 144 dockers: 145 - image_templates: 146 - "docker.io/khulnasoft/trivy:{{ .Version }}-amd64" 147 - "docker.io/khulnasoft/trivy:latest-amd64" 148 - "ghcr.io/khulnasoft/trivy:{{ .Version }}-amd64" 149 - "ghcr.io/khulnasoft/trivy:latest-amd64" 150 - "public.ecr.aws/khulnasoft/trivy:latest-amd64" 151 - "public.ecr.aws/khulnasoft/trivy:{{ .Version }}-amd64" 152 use: buildx 153 goos: linux 154 goarch: amd64 155 ids: 156 - build-linux 157 build_flag_templates: 158 - "--label=org.opencontainers.image.title={{ .ProjectName }}" 159 - "--label=org.opencontainers.image.description=A Fast Vulnerability Scanner for Containers" 160 - "--label=org.opencontainers.image.vendor=Khulnasoft Security" 161 - "--label=org.opencontainers.image.version={{ .Version }}" 162 - "--label=org.opencontainers.image.created={{ .Date }}" 163 - "--label=org.opencontainers.image.source=https://github.com/khulnasoft/trivy" 164 - "--label=org.opencontainers.image.revision={{ .FullCommit }}" 165 - "--label=org.opencontainers.image.url=https://www.aquasec.com/products/trivy/" 166 - "--label=org.opencontainers.image.documentation=https://khulnasoft.github.io/trivy/v{{ .Version }}/" 167 - "--platform=linux/amd64" 168 extra_files: 169 - contrib/ 170 - image_templates: 171 - "docker.io/khulnasoft/trivy:{{ .Version }}-arm64" 172 - "docker.io/khulnasoft/trivy:latest-arm64" 173 - "ghcr.io/khulnasoft/trivy:{{ .Version }}-arm64" 174 - "ghcr.io/khulnasoft/trivy:latest-arm64" 175 - "public.ecr.aws/khulnasoft/trivy:latest-arm64" 176 - "public.ecr.aws/khulnasoft/trivy:{{ .Version }}-arm64" 177 use: buildx 178 goos: linux 179 goarch: arm64 180 ids: 181 - build-linux 182 build_flag_templates: 183 - "--label=org.opencontainers.image.title={{ .ProjectName }}" 184 - "--label=org.opencontainers.image.description=A Fast Vulnerability Scanner for Containers" 185 - "--label=org.opencontainers.image.vendor=Khulnasoft Security" 186 - "--label=org.opencontainers.image.version={{ .Version }}" 187 - "--label=org.opencontainers.image.created={{ .Date }}" 188 - "--label=org.opencontainers.image.source=https://github.com/khulnasoft/trivy" 189 - "--label=org.opencontainers.image.revision={{ .FullCommit }}" 190 - "--label=org.opencontainers.image.url=https://www.aquasec.com/products/trivy/" 191 - "--label=org.opencontainers.image.documentation=https://khulnasoft.github.io/trivy/v{{ .Version }}/" 192 - "--platform=linux/arm64" 193 extra_files: 194 - contrib/ 195 - image_templates: 196 - "docker.io/khulnasoft/trivy:{{ .Version }}-s390x" 197 - "docker.io/khulnasoft/trivy:latest-s390x" 198 - "ghcr.io/khulnasoft/trivy:{{ .Version }}-s390x" 199 - "ghcr.io/khulnasoft/trivy:latest-s390x" 200 - "public.ecr.aws/khulnasoft/trivy:latest-s390x" 201 - "public.ecr.aws/khulnasoft/trivy:{{ .Version }}-s390x" 202 use: buildx 203 goos: linux 204 goarch: s390x 205 ids: 206 - build-linux 207 build_flag_templates: 208 - "--label=org.opencontainers.image.title={{ .ProjectName }}" 209 - "--label=org.opencontainers.image.description=A Fast Vulnerability Scanner for Containers" 210 - "--label=org.opencontainers.image.vendor=Khulnasoft Security" 211 - "--label=org.opencontainers.image.version={{ .Version }}" 212 - "--label=org.opencontainers.image.created={{ .Date }}" 213 - "--label=org.opencontainers.image.source=https://github.com/khulnasoft/trivy" 214 - "--label=org.opencontainers.image.revision={{ .FullCommit }}" 215 - "--label=org.opencontainers.image.url=https://www.aquasec.com/products/trivy/" 216 - "--label=org.opencontainers.image.documentation=https://khulnasoft.github.io/trivy/v{{ .Version }}/" 217 - "--platform=linux/s390x" 218 extra_files: 219 - contrib/ 220 - image_templates: 221 - "docker.io/khulnasoft/trivy:{{ .Version }}-ppc64le" 222 - "docker.io/khulnasoft/trivy:latest-ppc64le" 223 - "ghcr.io/khulnasoft/trivy:{{ .Version }}-ppc64le" 224 - "ghcr.io/khulnasoft/trivy:latest-ppc64le" 225 - "public.ecr.aws/khulnasoft/trivy:latest-ppc64le" 226 - "public.ecr.aws/khulnasoft/trivy:{{ .Version }}-ppc64le" 227 use: buildx 228 goos: linux 229 goarch: ppc64le 230 ids: 231 - build-linux 232 build_flag_templates: 233 - "--label=org.opencontainers.image.title={{ .ProjectName }}" 234 - "--label=org.opencontainers.image.description=A Fast Vulnerability Scanner for Containers" 235 - "--label=org.opencontainers.image.vendor=Khulnasoft Security" 236 - "--label=org.opencontainers.image.version={{ .Version }}" 237 - "--label=org.opencontainers.image.created={{ .Date }}" 238 - "--label=org.opencontainers.image.source=https://github.com/khulnasoft/trivy" 239 - "--label=org.opencontainers.image.revision={{ .FullCommit }}" 240 - "--label=org.opencontainers.image.url=https://www.aquasec.com/products/trivy/" 241 - "--label=org.opencontainers.image.documentation=https://khulnasoft.github.io/trivy/v{{ .Version }}/" 242 - "--platform=linux/ppc64le" 243 extra_files: 244 - contrib/ 245 246 docker_manifests: 247 - name_template: 'khulnasoft/trivy:{{ .Version }}' 248 image_templates: 249 - 'khulnasoft/trivy:{{ .Version }}-amd64' 250 - 'khulnasoft/trivy:{{ .Version }}-arm64' 251 - 'khulnasoft/trivy:{{ .Version }}-s390x' 252 - 'khulnasoft/trivy:{{ .Version }}-ppc64le' 253 - name_template: 'ghcr.io/khulnasoft/trivy:{{ .Version }}' 254 image_templates: 255 - 'ghcr.io/khulnasoft/trivy:{{ .Version }}-amd64' 256 - 'ghcr.io/khulnasoft/trivy:{{ .Version }}-arm64' 257 - 'ghcr.io/khulnasoft/trivy:{{ .Version }}-s390x' 258 - 'ghcr.io/khulnasoft/trivy:{{ .Version }}-ppc64le' 259 - name_template: 'public.ecr.aws/khulnasoft/trivy:{{ .Version }}' 260 image_templates: 261 - 'public.ecr.aws/khulnasoft/trivy:{{ .Version }}-amd64' 262 - 'public.ecr.aws/khulnasoft/trivy:{{ .Version }}-arm64' 263 - 'public.ecr.aws/khulnasoft/trivy:{{ .Version }}-s390x' 264 - 'public.ecr.aws/khulnasoft/trivy:{{ .Version }}-ppc64le' 265 - name_template: 'khulnasoft/trivy:latest' 266 image_templates: 267 - 'khulnasoft/trivy:{{ .Version }}-amd64' 268 - 'khulnasoft/trivy:{{ .Version }}-arm64' 269 - 'khulnasoft/trivy:{{ .Version }}-s390x' 270 - 'khulnasoft/trivy:{{ .Version }}-ppc64le' 271 - name_template: 'ghcr.io/khulnasoft/trivy:latest' 272 image_templates: 273 - 'ghcr.io/khulnasoft/trivy:{{ .Version }}-amd64' 274 - 'ghcr.io/khulnasoft/trivy:{{ .Version }}-arm64' 275 - 'ghcr.io/khulnasoft/trivy:{{ .Version }}-s390x' 276 - 'ghcr.io/khulnasoft/trivy:{{ .Version }}-ppc64le' 277 - name_template: 'public.ecr.aws/khulnasoft/trivy:latest' 278 image_templates: 279 - 'public.ecr.aws/khulnasoft/trivy:{{ .Version }}-amd64' 280 - 'public.ecr.aws/khulnasoft/trivy:{{ .Version }}-arm64' 281 - 'public.ecr.aws/khulnasoft/trivy:{{ .Version }}-s390x' 282 - 'public.ecr.aws/khulnasoft/trivy:{{ .Version }}-ppc64le' 283 284 signs: 285 - cmd: cosign 286 env: 287 - COSIGN_EXPERIMENTAL=1 288 signature: "${artifact}.sig" 289 certificate: "${artifact}.pem" 290 args: 291 - "sign-blob" 292 - "--oidc-issuer=https://token.actions.githubusercontent.com" 293 - "--output-certificate=${certificate}" 294 - "--output-signature=${signature}" 295 - "${artifact}" 296 - "--yes" 297 artifacts: all 298 output: true 299 300 docker_signs: 301 - cmd: cosign 302 env: 303 - COSIGN_EXPERIMENTAL=1 304 artifacts: manifests 305 output: true 306 args: 307 - 'sign' 308 - '${artifact}' 309 - '--yes'