lukaszraczylo/gohoarder
1
0
Fork 0
mirror of https://github.com/lukaszraczylo/gohoarder.git synced 2026-06-13 02:36:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
af5e08a86483f5f13b0a72cefa2a1070c19e2e46
gohoarder/.goreleaser.yaml
T
lukaszraczylo af5e08a864 fix: disable SBOM attestations for Docker builds 
Docker SBOM attestations require docker-container driver which is not
available in the default Docker driver used by GoReleaser. Disabled
SBOM generation for all Docker images to prevent build failures.

Error fixed:
- "Attestation is not supported for the docker driver"

Applied to all Docker images:
- gohoarder-server
- gohoarder-frontend
- gohoarder-scanner
- gohoarder-gateway
- gohoarder-migrate
2026-01-03 23:14:27 +00:00

271 lines
7.7 KiB
YAML
Raw Blame History

version: 2
# Project metadata
project_name: gohoarder
# Pre-release hooks
before:
hooks:
- go mod tidy
# Generate semantic version if not provided via git tag
# This script can be used by CI/CD to inject custom versions
# Usage: export GORELEASER_CURRENT_TAG=$(./script/generate-version.sh)
# - ./script/generate-version.sh
# Build configuration
# Builds run natively per-platform in split mode (no CGO cross-compilation)
# Docker images also use multi-stage builds independently
builds:
- id: gohoarder
main: ./cmd/gohoarder
binary: gohoarder
env:
- CGO_ENABLED=1
tags:
- fts5
flags:
- -trimpath
ldflags:
- -s -w
- -X github.com/lukaszraczylo/gohoarder/internal/version.Version={{.Version}}
- -X github.com/lukaszraczylo/gohoarder/internal/version.GitCommit={{.ShortCommit}}
- -X github.com/lukaszraczylo/gohoarder/internal/version.BuildTime={{.Date}}
goos:
- linux
- darwin
goarch:
- amd64
- arm64
ignore:
- goos: darwin
goarch: amd64
- goos: linux
goarch: arm64 # Skip linux/arm64 binaries (Docker handles multi-arch)
- id: migrate
main: ./cmd/migrate
binary: migrate
env:
- CGO_ENABLED=1
tags:
- fts5
flags:
- -trimpath
ldflags:
- -s -w
- -X main.Version={{.Version}}
- -X main.GitCommit={{.ShortCommit}}
- -X main.BuildTime={{.Date}}
goos:
- linux
- darwin
goarch:
- amd64
- arm64
ignore:
- goos: darwin
goarch: amd64
- goos: linux
goarch: arm64 # Skip linux/arm64 binaries (Docker handles multi-arch)
# Archives for releases
archives:
- id: default
name_template: >-
{{ .ProjectName }}_
{{- title .Os }}_
{{- if eq .Arch "amd64" }}x86_64
{{- else if eq .Arch "386" }}i386
{{- else }}{{ .Arch }}{{ end }}
{{- if .Arm }}v{{ .Arm }}{{ end }}
formats:
- tar.gz
- zip
format_overrides:
- goos: windows
formats:
- zip
files:
- README.md
- LICENSE
- config.yaml.example
# Checksum
checksum:
name_template: 'checksums.txt'
algorithm: sha256
# Snapshot configuration
snapshot:
version_template: "{{ incpatch .Version }}-next"
# Changelog
changelog:
sort: asc
filters:
exclude:
- '^docs:'
- '^test:'
- '^ci:'
- '^chore:'
- '^Merge'
- '^WIP'
- '^Update go.mod'
- 'README'
# GitHub release configuration
release:
github:
owner: lukaszraczylo
name: gohoarder
name_template: "version {{.Version}}"
draft: false
prerelease: auto
# Docker images (v2 - modern syntax)
dockers_v2:
# 1. Application Engine - Main GoHoarder server
- id: gohoarder-server
images:
- ghcr.io/lukaszraczylo/gohoarder-server
platforms:
- linux/amd64
- linux/arm64
build_args:
VERSION: "{{ .Version }}"
GIT_COMMIT: "{{ .ShortCommit }}"
BUILD_TIME: "{{ .Date }}"
tags:
- "{{ .Version }}"
- latest
dockerfile: Dockerfile.server
sbom: false # Disable SBOM attestations (requires docker-container driver)
labels:
org.opencontainers.image.title: GoHoarder Server
org.opencontainers.image.description: Universal package cache proxy server
org.opencontainers.image.url: https://github.com/lukaszraczylo/gohoarder
org.opencontainers.image.source: https://github.com/lukaszraczylo/gohoarder
org.opencontainers.image.version: "{{ .Version }}"
org.opencontainers.image.created: "{{ .Date }}"
org.opencontainers.image.revision: "{{ .FullCommit }}"
extra_files:
- config.yaml.example
# 2. Website - Frontend Dashboard
- id: gohoarder-frontend
images:
- ghcr.io/lukaszraczylo/gohoarder-frontend
platforms:
- linux/amd64
- linux/arm64
tags:
- "{{ .Version }}"
- latest
dockerfile: Dockerfile.frontend
sbom: false # Disable SBOM attestations (requires docker-container driver)
labels:
org.opencontainers.image.title: GoHoarder Frontend
org.opencontainers.image.description: GoHoarder web dashboard
org.opencontainers.image.url: https://github.com/lukaszraczylo/gohoarder
org.opencontainers.image.source: https://github.com/lukaszraczylo/gohoarder
org.opencontainers.image.version: "{{ .Version }}"
org.opencontainers.image.created: "{{ .Date }}"
org.opencontainers.image.revision: "{{ .FullCommit }}"
extra_files:
- frontend
# 3. Scanning Engine - Background scanner worker
- id: gohoarder-scanner
images:
- ghcr.io/lukaszraczylo/gohoarder-scanner
platforms:
- linux/amd64
- linux/arm64
build_args:
VERSION: "{{ .Version }}"
GIT_COMMIT: "{{ .ShortCommit }}"
BUILD_TIME: "{{ .Date }}"
tags:
- "{{ .Version }}"
- latest
dockerfile: Dockerfile.scanner
sbom: false # Disable SBOM attestations (requires docker-container driver)
labels:
org.opencontainers.image.title: GoHoarder Scanner
org.opencontainers.image.description: GoHoarder vulnerability scanning engine
org.opencontainers.image.url: https://github.com/lukaszraczylo/gohoarder
org.opencontainers.image.source: https://github.com/lukaszraczylo/gohoarder
org.opencontainers.image.version: "{{ .Version }}"
org.opencontainers.image.created: "{{ .Date }}"
org.opencontainers.image.revision: "{{ .FullCommit }}"
extra_files:
- config.yaml.example
# 4. Gateway - Nginx reverse proxy for unified deployment
- id: gohoarder-gateway
images:
- ghcr.io/lukaszraczylo/gohoarder-gateway
platforms:
- linux/amd64
- linux/arm64
tags:
- "{{ .Version }}"
- latest
dockerfile: Dockerfile.gateway
sbom: false # Disable SBOM attestations (requires docker-container driver)
labels:
org.opencontainers.image.title: GoHoarder Gateway
org.opencontainers.image.description: Nginx reverse proxy for unified GoHoarder deployment
org.opencontainers.image.url: https://github.com/lukaszraczylo/gohoarder
org.opencontainers.image.source: https://github.com/lukaszraczylo/gohoarder
org.opencontainers.image.version: "{{ .Version }}"
org.opencontainers.image.created: "{{ .Date }}"
org.opencontainers.image.revision: "{{ .FullCommit }}"
# 5. Migration Engine - Database migration tool
- id: gohoarder-migrate
images:
- ghcr.io/lukaszraczylo/gohoarder-migrate
platforms:
- linux/amd64
- linux/arm64
build_args:
VERSION: "{{ .Version }}"
GIT_COMMIT: "{{ .ShortCommit }}"
BUILD_TIME: "{{ .Date }}"
tags:
- "{{ .Version }}"
- latest
dockerfile: Dockerfile.migrate
sbom: false # Disable SBOM attestations (requires docker-container driver)
labels:
org.opencontainers.image.title: GoHoarder Migrate
org.opencontainers.image.description: Database migration tool for GoHoarder V2 schema
org.opencontainers.image.url: https://github.com/lukaszraczylo/gohoarder
org.opencontainers.image.source: https://github.com/lukaszraczylo/gohoarder
org.opencontainers.image.version: "{{ .Version }}"
org.opencontainers.image.created: "{{ .Date }}"
org.opencontainers.image.revision: "{{ .FullCommit }}"
# Artifact signing with cosign
signs:
- cmd: cosign
signature: "${artifact}.sigstore.json"
args:
- sign-blob
- "--bundle=${signature}"
- "${artifact}"
- "--yes"
artifacts: checksum
output: true
# Docker image signing with cosign
docker_signs:
- cmd: cosign
artifacts: manifests
output: true
args:
- sign
- "${artifact}@${digest}"
- "--yes"
Reference in New Issue View Git Blame Copy Permalink