forked from google/osv-scanner
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.goreleaser.yml
149 lines (145 loc) · 5.26 KB
/
.goreleaser.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
version: 2
before:
hooks:
- go mod tidy
builds:
- main: ./cmd/osv-scanner/
id: osv-scanner
binary: osv-scanner
env:
# goreleaser does not work with CGO, it could also complicate
# usage by users in CI/CD systems like Terraform Cloud where
# they are unable to install libraries.
- CGO_ENABLED=0
- GO111MODULE=on
mod_timestamp: "{{ .CommitTimestamp }}"
flags:
- -trimpath
ldflags:
# prettier-ignore
- '-s -w -X github.com/google/osv-scanner/internal/version.OSVVersion={{.Version}} -X main.commit={{.Commit}} -X main.date={{.CommitDate}}'
goos:
# Further testing before supporting freebsd
# - freebsd
- windows
- linux
- darwin
goarch:
- amd64
# 32bit does not compile at the moment because of spdx dependency
# - '386'
# Further testing before supporting arm
# - arm
- arm64
- main: ./cmd/osv-scanner/
id: osv-scanner-action
binary: osv-scanner-action
env:
# goreleaser does not work with CGO, it could also complicate
# usage by users in CI/CD systems like Terraform Cloud where
# they are unable to install libraries.
- CGO_ENABLED=0
- GO111MODULE=on
mod_timestamp: "{{ .CommitTimestamp }}"
flags:
- -trimpath
ldflags:
# prettier-ignore
- '-s -w -X github.com/google/osv-scanner/internal/version.OSVVersion={{.Version}}_GHAction -X main.commit={{.Commit}} -X main.date={{.CommitDate}}'
goos:
- linux
goarch:
- amd64
- main: ./cmd/osv-reporter/
id: osv-reporter
binary: osv-reporter
env: # osv-reporter for github action
- CGO_ENABLED=0
- GO111MODULE=on
mod_timestamp: "{{ .CommitTimestamp }}"
flags:
- -trimpath
ldflags:
# prettier-ignore
- '-s -w -X github.com/google/osv-scanner/internal/version.OSVVersion={{.Version}} -X main.commit={{.Commit}} -X main.date={{.CommitDate}}'
goos:
- linux
goarch:
- amd64
dockers:
# Arch: amd64
- image_templates:
- "ghcr.io/google/osv-scanner:{{ .Tag }}-amd64"
dockerfile: goreleaser.dockerfile
use: buildx
build_flag_templates:
- "--pull"
- "--label=org.opencontainers.image.title=osv-scanner"
- "--label=org.opencontainers.image.description=Vulnerability scanner written in Go which uses the data provided by https://osv.dev"
- "--label=org.opencontainers.image.licenses=Apache License 2.0"
- "--label=org.opencontainers.image.created={{.Date}}"
- "--label=org.opencontainers.image.name={{.ProjectName}}"
- "--label=org.opencontainers.image.revision={{.FullCommit}}"
- "--label=org.opencontainers.image.version={{.Version}}"
- "--label=org.opencontainers.image.source={{.GitURL}}"
- "--label=org.opencontainers.image.url={{.GitURL}}"
- "--platform=linux/amd64"
# Arch: arm64
- image_templates:
- "ghcr.io/google/osv-scanner:{{ .Tag }}-arm64"
dockerfile: goreleaser.dockerfile
use: buildx
build_flag_templates:
- "--pull"
- "--label=org.opencontainers.image.title=osv-scanner"
- "--label=org.opencontainers.image.description=Vulnerability scanner written in Go which uses the data provided by https://osv.dev"
- "--label=org.opencontainers.image.licenses=Apache-2.0"
- "--label=org.opencontainers.image.created={{.Date}}"
- "--label=org.opencontainers.image.name={{.ProjectName}}"
- "--label=org.opencontainers.image.revision={{.FullCommit}}"
- "--label=org.opencontainers.image.version={{.Version}}"
- "--label=org.opencontainers.image.source={{.GitURL}}"
- "--label=org.opencontainers.image.url={{.GitURL}}"
- "--platform=linux/arm64"
goarch: arm64
# Github Action
- image_templates:
- "ghcr.io/google/osv-scanner-action:{{ .Tag }}"
dockerfile: goreleaser-action.dockerfile
use: buildx
extra_files:
- exit_code_redirect.sh
build_flag_templates:
- "--pull"
- "--label=org.opencontainers.image.title=osv-scanner-action"
- "--label=org.opencontainers.image.description=Vulnerability scanner written in Go which uses the data provided by https://osv.dev"
- "--label=org.opencontainers.image.licenses=Apache-2.0"
- "--label=org.opencontainers.image.created={{.Date}}"
- "--label=org.opencontainers.image.name={{.ProjectName}}"
- "--label=org.opencontainers.image.revision={{.FullCommit}}"
- "--label=org.opencontainers.image.version={{.Version}}"
- "--label=org.opencontainers.image.source={{.GitURL}}"
- "--label=org.opencontainers.image.url={{.GitURL}}"
- "--platform=linux/amd64"
goarch: amd64
docker_manifests:
- name_template: "ghcr.io/google/osv-scanner:{{ .Tag }}"
image_templates:
- "ghcr.io/google/osv-scanner:{{ .Tag }}-amd64"
- "ghcr.io/google/osv-scanner:{{ .Tag }}-arm64"
- name_template: "ghcr.io/google/osv-scanner:latest"
image_templates:
- "ghcr.io/google/osv-scanner:{{ .Tag }}-amd64"
- "ghcr.io/google/osv-scanner:{{ .Tag }}-arm64"
archives:
- format: binary
name_template: "{{ .Binary }}_{{ .Os }}_{{ .Arch }}"
builds:
- osv-scanner
checksum:
name_template: "{{ .ProjectName }}_SHA256SUMS"
algorithm: sha256
release:
draft: true
changelog:
disable: false