version: 2 # Project metadata project_name: gohoarder # Pre-release hooks before: hooks: - go mod tidy # Download and setup Zig for cross-compilation (Linux only) - bash -c 'if [ "$(uname -s)" = "Linux" ]; then wget https://ziglang.org/download/0.15.2/zig-x86_64-linux-0.15.2.tar.xz -O /tmp/zig.tar.xz && ls -lh /tmp/zig.tar.xz && tar -xvf /tmp/zig.tar.xz -C /tmp && echo "/tmp/zig-x86_64-linux-0.15.2" >> $GITHUB_PATH; fi' # Build configuration # All binaries built using Zig for consistent cross-compilation # Zig handles CGO cross-compilation without platform-specific toolchains # Binaries are injected into Docker images (no Docker compilation) builds: - id: gohoarder main: ./cmd/gohoarder binary: gohoarder env: - CGO_ENABLED=1 tags: - fts5 flags: - -trimpath ldflags: - -s -w - -X github.com/lukaszraczylo/gohoarder/internal/version.Version={{.Version}} - -X github.com/lukaszraczylo/gohoarder/internal/version.GitCommit={{.ShortCommit}} - -X github.com/lukaszraczylo/gohoarder/internal/version.BuildTime={{.Date}} goos: - linux - darwin goarch: - amd64 - arm64 ignore: - goos: darwin goarch: amd64 overrides: # Use Zig only for Linux cross-compilation - goos: linux goarch: amd64 env: - CGO_ENABLED=1 - CC=/tmp/zig-x86_64-linux-0.15.2/zig cc -target x86_64-linux-musl - CXX=/tmp/zig-x86_64-linux-0.15.2/zig c++ -target x86_64-linux-musl - goos: linux goarch: arm64 env: - CGO_ENABLED=1 - CC=/tmp/zig-x86_64-linux-0.15.2/zig cc -target aarch64-linux-musl - CXX=/tmp/zig-x86_64-linux-0.15.2/zig c++ -target aarch64-linux-musl # darwin/arm64 builds natively on macOS runner (no Zig) - id: migrate main: ./cmd/migrate binary: migrate env: - CGO_ENABLED=1 tags: - fts5 flags: - -trimpath ldflags: - -s -w - -X main.Version={{.Version}} - -X main.GitCommit={{.ShortCommit}} - -X main.BuildTime={{.Date}} goos: - linux - darwin goarch: - amd64 - arm64 ignore: - goos: darwin goarch: amd64 overrides: # Use Zig only for Linux cross-compilation - goos: linux goarch: amd64 env: - CGO_ENABLED=1 - CC=/tmp/zig-x86_64-linux-0.15.2/zig cc -target x86_64-linux-musl - CXX=/tmp/zig-x86_64-linux-0.15.2/zig c++ -target x86_64-linux-musl - goos: linux goarch: arm64 env: - CGO_ENABLED=1 - CC=/tmp/zig-x86_64-linux-0.15.2/zig cc -target aarch64-linux-musl - CXX=/tmp/zig-x86_64-linux-0.15.2/zig c++ -target aarch64-linux-musl # darwin/arm64 builds natively on macOS runner (no Zig) # Archives for releases archives: - id: default name_template: >- {{ .ProjectName }}_ {{- title .Os }}_ {{- if eq .Arch "amd64" }}x86_64 {{- else if eq .Arch "386" }}i386 {{- else }}{{ .Arch }}{{ end }} {{- if .Arm }}v{{ .Arm }}{{ end }} formats: - tar.gz - zip format_overrides: - goos: windows formats: - zip files: - README.md - LICENSE - config.yaml.example # Checksum checksum: name_template: 'checksums.txt' algorithm: sha256 # Snapshot configuration snapshot: version_template: "{{ incpatch .Version }}-next" # Changelog changelog: sort: asc filters: exclude: - '^docs:' - '^test:' - '^ci:' - '^chore:' - '^Merge' - '^WIP' - '^Update go.mod' - 'README' # GitHub release configuration release: github: owner: lukaszraczylo name: gohoarder name_template: "version {{.Version}}" draft: false prerelease: auto # Docker images (v2 - modern syntax) # Uses PRE-BUILT binaries from native builds (no Docker compilation - much faster!) # GoReleaser injects the platform-specific binary into each Docker image automatically # This avoids slow QEMU emulation for cross-architecture builds dockers_v2: # 1. Application Engine - Main GoHoarder server # Uses pre-built binary from 'gohoarder' build (no Docker compilation) # linux/arm64 binary is cross-compiled using Zig (fast, no QEMU!) - id: gohoarder-server ids: - gohoarder images: - ghcr.io/lukaszraczylo/gohoarder-server tags: - "{{ .Version }}" - latest platforms: - linux/amd64 - linux/arm64 dockerfile: Dockerfile.server flags: - "--pull" - "--label=org.opencontainers.image.title=GoHoarder Server" - "--label=org.opencontainers.image.description=Universal package cache proxy server" - "--label=org.opencontainers.image.url=https://github.com/lukaszraczylo/gohoarder" - "--label=org.opencontainers.image.source=https://github.com/lukaszraczylo/gohoarder" - "--label=org.opencontainers.image.version={{ .Version }}" - "--label=org.opencontainers.image.created={{ .Date }}" - "--label=org.opencontainers.image.revision={{ .FullCommit }}" extra_files: - config.yaml.example # 2. Website - Frontend Dashboard # Note: Frontend is pre-built on CI runner and injected via frontend/dist - id: gohoarder-frontend images: - ghcr.io/lukaszraczylo/gohoarder-frontend tags: - "{{ .Version }}" - latest platforms: - linux/amd64 - linux/arm64 dockerfile: Dockerfile.frontend flags: - "--pull" - "--label=org.opencontainers.image.title=GoHoarder Frontend" - "--label=org.opencontainers.image.description=GoHoarder web dashboard" - "--label=org.opencontainers.image.url=https://github.com/lukaszraczylo/gohoarder" - "--label=org.opencontainers.image.source=https://github.com/lukaszraczylo/gohoarder" - "--label=org.opencontainers.image.version={{ .Version }}" - "--label=org.opencontainers.image.created={{ .Date }}" - "--label=org.opencontainers.image.revision={{ .FullCommit }}" extra_files: - frontend/dist # 3. Scanning Engine - Background scanner worker # Uses pre-built binary from 'gohoarder' build (no Docker compilation) # linux/arm64 binary is cross-compiled using Zig (fast, no QEMU!) - id: gohoarder-scanner ids: - gohoarder images: - ghcr.io/lukaszraczylo/gohoarder-scanner tags: - "{{ .Version }}" - latest platforms: - linux/amd64 - linux/arm64 dockerfile: Dockerfile.scanner flags: - "--pull" - "--label=org.opencontainers.image.title=GoHoarder Scanner" - "--label=org.opencontainers.image.description=GoHoarder vulnerability scanning engine" - "--label=org.opencontainers.image.url=https://github.com/lukaszraczylo/gohoarder" - "--label=org.opencontainers.image.source=https://github.com/lukaszraczylo/gohoarder" - "--label=org.opencontainers.image.version={{ .Version }}" - "--label=org.opencontainers.image.created={{ .Date }}" - "--label=org.opencontainers.image.revision={{ .FullCommit }}" extra_files: - config.yaml.example # 4. Migration Engine - Database migration tool # Uses pre-built binary from 'migrate' build (no Docker compilation) # linux/arm64 binary is cross-compiled using Zig (fast, no QEMU!) - id: gohoarder-migrate ids: - migrate images: - ghcr.io/lukaszraczylo/gohoarder-migrate tags: - "{{ .Version }}" - latest platforms: - linux/amd64 - linux/arm64 dockerfile: Dockerfile.migrate flags: - "--pull" - "--label=org.opencontainers.image.title=GoHoarder Migrate" - "--label=org.opencontainers.image.description=Database migration tool for GoHoarder V2 schema" - "--label=org.opencontainers.image.url=https://github.com/lukaszraczylo/gohoarder" - "--label=org.opencontainers.image.source=https://github.com/lukaszraczylo/gohoarder" - "--label=org.opencontainers.image.version={{ .Version }}" - "--label=org.opencontainers.image.created={{ .Date }}" - "--label=org.opencontainers.image.revision={{ .FullCommit }}" extra_files: - migrations # Artifact signing with cosign signs: - cmd: cosign signature: "${artifact}.sigstore.json" args: - sign-blob - "--bundle=${signature}" - "${artifact}" - "--yes" artifacts: checksum output: true # Docker image signing with cosign docker_signs: - cmd: cosign artifacts: manifests output: true args: - sign - "${artifact}@${digest}" - "--yes"