forked from boostsecurityio/poutine
-
Notifications
You must be signed in to change notification settings - Fork 1
/
.goreleaser.yaml
83 lines (75 loc) · 1.71 KB
/
.goreleaser.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
version: 1
project_name: poutine
before:
hooks:
- go mod verify
builds:
- env:
- CGO_ENABLED=0
goos:
- linux
- darwin
goarch:
- amd64
- arm64
- arm
goarm:
- '7'
kos:
- repository: ghcr.io/boostsecurityio/poutine
base_image: 'cgr.dev/chainguard/git:latest@sha256:e7a68ad581bf04f496ddb932f5dc72aadde0e78fcfab28a94d5f2a1b4a5f4d1e'
tags:
- '{{.Version}}'
- latest
bare: true
preserve_import_paths: false
platforms:
- linux/amd64
- linux/arm64
docker_signs:
- artifacts: manifests
args:
- "sign"
- "${artifact}"
- "--yes" # skip user interaction
signs:
- cmd: cosign
certificate: '${artifact}.pem'
args:
- "sign-blob"
- "--output-certificate=${certificate}"
- "--output-signature=${signature}"
- "${artifact}"
- "--yes" # skip user interaction
artifacts: all
output: true
archives:
- format: tar.gz
# this name template makes the OS and Arch compatible with the results of `uname`.
name_template: >-
{{ .ProjectName }}_
{{- title .Os }}_
{{- if eq .Arch "amd64" }}x86_64
{{- else if eq .Arch "386" }}i386
{{- else }}{{ .Arch }}{{ end }}
{{- if .Arm }}v{{ .Arm }}{{ end }}
# use zip for windows archives
format_overrides:
- goos: windows
format: zip
brews:
- repository:
owner: boostsecurityio
name: homebrew-tap
branch: main
token: "{{ .Env.TAP_GITHUB_TOKEN }}"
directory: Formula
homepage: https://boostsecurity.io
description: poutine - The Build Pipeline risk analyzer.
license: Apache 2.0
changelog:
sort: asc
filters:
exclude:
- "^docs:"
- "^test:"