github.com/triarius/goreleaser@v1.12.5/internal/pipe/sign/sign_docker.go

github.com/triarius/goreleaser@v1.12.5/internal/pipe/sign/sign_docker.go (about)

     1  package sign
     2  
     3  import (
     4  	"fmt"
     5  
     6  	"github.com/triarius/goreleaser/internal/artifact"
     7  	"github.com/triarius/goreleaser/internal/ids"
     8  	"github.com/triarius/goreleaser/internal/pipe"
     9  	"github.com/triarius/goreleaser/internal/semerrgroup"
    10  	"github.com/triarius/goreleaser/pkg/context"
    11  )
    12  
    13  // Pipe that signs docker images and manifests.
    14  type DockerPipe struct{}
    15  
    16  func (DockerPipe) String() string { return "signing docker images" }
    17  
    18  func (DockerPipe) Skip(ctx *context.Context) bool {
    19  	return ctx.SkipSign || len(ctx.Config.DockerSigns) == 0
    20  }
    21  
    22  // Default sets the Pipes defaults.
    23  func (DockerPipe) Default(ctx *context.Context) error {
    24  	ids := ids.New("docker_signs")
    25  	for i := range ctx.Config.DockerSigns {
    26  		cfg := &ctx.Config.DockerSigns[i]
    27  		if cfg.Cmd == "" {
    28  			cfg.Cmd = "cosign"
    29  		}
    30  		if len(cfg.Args) == 0 {
    31  			cfg.Args = []string{"sign", "--key=cosign.key", "$artifact"}
    32  		}
    33  		if cfg.Artifacts == "" {
    34  			cfg.Artifacts = "none"
    35  		}
    36  		if cfg.ID == "" {
    37  			cfg.ID = "default"
    38  		}
    39  		ids.Inc(cfg.ID)
    40  	}
    41  	return ids.Validate()
    42  }
    43  
    44  // Publish signs and pushes the docker images signatures.
    45  func (DockerPipe) Publish(ctx *context.Context) error {
    46  	g := semerrgroup.New(ctx.Parallelism)
    47  	for i := range ctx.Config.DockerSigns {
    48  		cfg := ctx.Config.DockerSigns[i]
    49  		g.Go(func() error {
    50  			var filters []artifact.Filter
    51  			switch cfg.Artifacts {
    52  			case "images":
    53  				filters = append(filters, artifact.ByType(artifact.DockerImage))
    54  			case "manifests":
    55  				filters = append(filters, artifact.ByType(artifact.DockerManifest))
    56  			case "all":
    57  				filters = append(filters, artifact.Or(
    58  					artifact.ByType(artifact.DockerImage),
    59  					artifact.ByType(artifact.DockerManifest),
    60  				))
    61  			case "none": // TODO(caarlos0): remove this
    62  				return pipe.ErrSkipSignEnabled
    63  			default:
    64  				return fmt.Errorf("invalid list of artifacts to sign: %s", cfg.Artifacts)
    65  			}
    66  
    67  			if len(cfg.IDs) > 0 {
    68  				filters = append(filters, artifact.ByIDs(cfg.IDs...))
    69  			}
    70  			return sign(ctx, cfg, ctx.Artifacts.Filter(artifact.And(filters...)).List())
    71  		})
    72  	}
    73  	return g.Wait()
    74  }