forked from CypherGoat/cli
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathTaskfile.yml
More file actions
154 lines (132 loc) · 4.38 KB
/
Taskfile.yml
File metadata and controls
154 lines (132 loc) · 4.38 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
---
# Taskfile for CypherGoat CLI
# https://taskfile.dev
version: '3'
vars:
VERSION: '{{.CLI_VERSION | default "dev"}}'
COMMIT: '{{.CLI_COMMIT | default "unknown"}}'
DATE: '{{now | date "2006-01-02"}}'
BIN: 'cyphergoat'
tasks:
default:
desc: Build the cyphergoat binary
cmds:
- task: build
build:
desc: Build cyphergoat binary
cmds:
- CGO_ENABLED=0 go build -ldflags "-s -w -X main.version={{.VERSION}} -X main.commit={{.COMMIT}} -X main.date={{.DATE}}" -o {{.BIN}} .
build:linux:
desc: Build for Linux (amd64)
vars:
OS: linux
ARCH: amd64
cmds:
- GOOS={{.OS}} GOARCH={{.ARCH}} CGO_ENABLED=0 go build -ldflags "-s -w -X main.version={{.VERSION}} -X main.commit={{.COMMIT}} -X main.date={{.DATE}}" -o {{.BIN}}-{{.OS}}-{{.ARCH}} .
build:macos:
desc: Build for macOS (amd64)
vars:
OS: darwin
ARCH: amd64
cmds:
- GOOS={{.OS}} GOARCH={{.ARCH}} CGO_ENABLED=0 go build -ldflags "-s -w -X main.version={{.VERSION}} -X main.commit={{.COMMIT}} -X main.date={{.DATE}}" -o {{.BIN}}-{{.OS}}-{{.ARCH}} .
build:macos:arm64:
desc: Build for macOS (arm64/Apple Silicon)
vars:
OS: darwin
ARCH: arm64
cmds:
- GOOS={{.OS}} GOARCH={{.ARCH}} CGO_ENABLED=0 go build -ldflags "-s -w -X main.version={{.VERSION}} -X main.commit={{.COMMIT}} -X main.date={{.DATE}}" -o {{.BIN}}-{{.OS}}-{{.ARCH}} .
build:windows:
desc: Build for Windows (amd64)
vars:
OS: windows
ARCH: amd64
cmds:
- GOOS={{.OS}} GOARCH={{.ARCH}} CGO_ENABLED=0 go build -ldflags "-s -w -X main.version={{.VERSION}} -X main.commit={{.COMMIT}} -X main.date={{.DATE}}" -o {{.BIN}}-{{.OS}}-{{.ARCH}}.exe .
build:all:
desc: Build for all platforms
cmds:
- task: build:linux
- task: build:macos
- task: build:macos:arm64
- task: build:windows
install:task:
desc: Install Task runner
cmds:
- |
echo "Installing Task..."
sh -c "$(curl -sL https://taskfile.dev/install.sh)" -- -d -b ~/.local/bin
echo "Add ~/.local/bin to your PATH: export PATH=\"$HOME/.local/bin:$PATH\""
install:
desc: Install cyphergoat to system
cmds:
- |
echo "Installing cyphergoat to /usr/local/bin..."
sudo mv {{.BIN}} /usr/local/bin/
echo "✅ cyphergoat installed!"
install:user:
desc: Install cyphergoat to user directory
cmds:
- |
mkdir -p ~/.local/bin
mv {{.BIN}} ~/.local/bin/
echo "✅ Installed to ~/.local/bin"
echo "Add to PATH: echo 'export PATH=\"\$HOME/.local/bin:\$PATH\"' >> ~/.bashrc"
test:
desc: Run all tests with race detector
cmds:
- go test ./... -v -race
test:short:
desc: Run tests without race detector (faster)
cmds:
- go test ./... -v
lint:
desc: Run linter
cmds:
- |
if command -v golangci-lint &> /dev/null; then
golangci-lint run ./...
else
echo "Install linter: curl -sSf https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin"
exit 1
fi
lint:install:
desc: Install golangci-lint
cmds:
- |
curl -sSf https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin
verify:
desc: Verify SLSA provenance (requires Cosign)
cmds:
- |
if ! command -v cosign &> /dev/null; then
echo "Installing Cosign..."
curl -sL https://slsa.dev/install.sh | bash -s
fi
echo "Verifying SLSA provenance..."
cosign verify-attestation \
--type slsaprovenance \
--policy .github/policy.json \
{{.BIN}} || echo "⚠️ Verification failed or attestation not found"
verify:checksum:
desc: Verify SHA256 checksum
cmds:
- |
if [ -f "{{.BIN}}.sha256" ]; then
sha256sum -c {{.BIN}}.sha256
else
echo "⚠️ No checksum file found"
fi
tidy:
desc: Clean up go.mod and go.sum
cmds:
- go mod tidy
clean:
desc: Clean build artifacts
cmds:
- rm -f {{.BIN}} {{.BIN}}-*-* *.exe checksums.txt *.sha256 *.sig *.cert.pem *.intoto.jsonl
clean:all:
desc: Clean all generated files including go.sum
cmds:
- rm -rf {{.BIN}} {{.BIN}}-*-* *.exe go.sum checksums.txt *.sha256 *.sig *.cert.pem *.intoto.jsonl