-
Notifications
You must be signed in to change notification settings - Fork 3
/
.goreleaser.yaml
51 lines (46 loc) · 1.13 KB
/
.goreleaser.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
builds:
- env:
- CGO_ENABLED=0
goos:
- linux
- windows
- darwin
# ensures mod timestamp to be the commit timestamp
mod_timestamp: '{{ .CommitTimestamp }}'
flags:
# trims path
- -trimpath
# config the checksum filename
# https://goreleaser.com/customization/checksum
checksum:
name_template: 'checksums.txt'
# creates SBOMs of all archives and the source tarball using syft
# https://goreleaser.com/customization/sbom
sboms:
- artifacts: binary
documents:
- "klone_{{ .Os }}_{{ .Arch }}.sbom"
# signs the checksum file
# all files (including the sboms) are included in the checksum, so we don't need to sign each one if we don't want to
# https://goreleaser.com/customization/sign
signs:
- cmd: cosign
signature: "${artifact}.cosign.bundle"
env:
- COSIGN_EXPERIMENTAL=1
args:
- sign-blob
- '--bundle=${signature}'
- '${artifact}'
- "--yes" # needed on cosign 2.0.0+
artifacts: checksum
output: true
archives:
- name_template: "{{.Binary}}_{{.Os}}_{{.Arch}}"
format: binary
changelog:
sort: asc
filters:
exclude:
- '^docs:'
- '^test:'