-
Notifications
You must be signed in to change notification settings - Fork 138
/
Copy path.goreleaser.yml
93 lines (90 loc) · 3.45 KB
/
.goreleaser.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
before:
hooks:
- go mod tidy
- go install github.com/gobuffalo/packr/v2/packr2@latest
- packr2
builds:
- id: goldilocks
ldflags:
- -X main.version={{.Version}} -X main.commit={{.Commit}} -s -w
goarch:
- amd64
- arm
- arm64
env:
- CGO_ENABLED=0
- GO111MODULE=on
goos:
- linux
- darwin
goarm:
- 6
- 7
changelog:
sort: asc
filters:
exclude:
- '^docs:'
- '^test:'
release:
prerelease: auto
footer: |
You can verify the signatures of both the checksums.txt file and the published docker images using [cosign](https://github.com/sigstore/cosign).
```
sha256sum -c goldilocks_v{{ .Major }}.{{ .Minor }}.{{ .Patch }}_checksums.txt --ignore-missing
cosign verify-blob goldilocks_v{{ .Major }}.{{ .Minor }}.{{ .Patch }}_checksums.txt --signature=goldilocks_v{{ .Major }}.{{ .Minor }}.{{ .Patch }}_checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
```
```
cosign verify us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:v4 --key https://artifacts.fairwinds.com/cosign.pub
```
signs:
- cmd: cosign
args: ["sign-blob", "--key=hashivault://cosign", "-output-signature=${signature}", "${artifact}"]
artifacts: checksum
docker_signs:
- artifacts: all
args: ["sign", "--key=hashivault://cosign", "${artifact}", "-r"]
dockers:
- image_templates:
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:{{ .FullCommit }}-amd64"
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:{{ .Tag }}-amd64"
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:v{{ .Major }}-amd64"
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:v{{ .Major }}.{{ .Minor }}-amd64"
use: buildx
dockerfile: Dockerfile
build_flag_templates:
- "--platform=linux/amd64"
- image_templates:
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:{{ .Tag }}-arm64v8"
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:v{{ .Major }}-arm64v8"
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:v{{ .Major }}.{{ .Minor }}-arm64v8"
use: buildx
goarch: arm64
dockerfile: Dockerfile
build_flag_templates:
- "--platform=linux/arm64/v8"
- image_templates:
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:{{ .Tag }}-armv7"
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:v{{ .Major }}-armv7"
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:v{{ .Major }}.{{ .Minor }}-armv7"
use: buildx
goarch: arm64
dockerfile: Dockerfile
build_flag_templates:
- "--platform=linux/arm/v7"
docker_manifests:
- name_template: us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:{{ .Tag }}
image_templates:
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:{{ .Tag }}-amd64"
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:{{ .Tag }}-arm64v8"
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:{{ .Tag }}-armv7"
- name_template: us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:v{{ .Major }}
image_templates:
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:v{{ .Major }}-amd64"
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:v{{ .Major }}-arm64v8"
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:v{{ .Major }}-armv7"
- name_template: us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:v{{ .Major }}.{{ .Minor }}
image_templates:
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:v{{ .Major }}.{{ .Minor }}-amd64"
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:v{{ .Major }}.{{ .Minor }}-arm64v8"
- "us-docker.pkg.dev/fairwinds-ops/oss/goldilocks:v{{ .Major }}.{{ .Minor }}-armv7"