-
Notifications
You must be signed in to change notification settings - Fork 137
/
.goreleaser.yml
82 lines (74 loc) · 1.61 KB
/
.goreleaser.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
project_name: tf-controller
release:
prerelease: "true"
extra_files:
- glob: config/release/*.yaml
checksum:
extra_files:
- glob: config/release/*.yaml
builds:
- id: tfctl
main: ./cmd/tfctl
binary: tfctl
env:
- CGO_ENABLED=0
flags:
- -trimpath
ldflags:
- -s -w
- -X main.BuildSHA={{.ShortCommit}} -X main.BuildVersion={{.Tag}}
goos:
- darwin
- linux
goarch:
- amd64
- arm64
- arm
goarm:
- 6
- 7
archives:
- id: tfctl
builds:
- tfctl
name_template: "tfctl_{{ title .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}"
format: tar.gz
source:
enabled: true
name_template: "{{ .ProjectName }}_{{ .Version }}_source_code"
sboms:
- id: source
artifacts: source
documents:
- "{{ .ProjectName }}_{{ .Version }}_sbom.spdx.json"
# signs the checksum file
# all files (including the sboms) are included in the checksum
# https://goreleaser.com/customization/sign
signs:
- cmd: cosign
env:
- COSIGN_EXPERIMENTAL=1
certificate: "${artifact}.pem"
args:
- sign-blob
- --yes
- "--output-certificate=${certificate}"
- "--output-signature=${signature}"
- "${artifact}"
artifacts: checksum
output: true
brews:
- name: tfctl
ids:
- tfctl
tap:
owner: flux-iac
name: homebrew-tap
token: "{{ .Env.HOMEBREW_TAP_GITHUB_TOKEN }}"
commit_author:
name: flux-iac
email: [email protected]
folder: Formula
homepage: https://flux-iac.github.io/tofu-controller
install: |
bin.install "tfctl"