From cee1b2c0f24bdccf99b54d58466997d56041b638 Mon Sep 17 00:00:00 2001 From: Cory Bekker Date: Mon, 6 Jan 2025 15:28:54 -0800 Subject: [PATCH 1/8] remove quill --- .github/workflows/goreleaser.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml index cb8a34c1..41e69415 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/goreleaser.yml @@ -68,18 +68,18 @@ jobs: if: startsWith(github.ref, 'refs/heads/renovate') == true run: | echo "GORELEASER_ARGS=--snapshot --skip-publish" >> $GITHUB_ENV - - name: setup quill - uses: 1password/load-secrets-action@v2 - if: startsWith(github.ref, 'refs/tags/') == true && github.actor == github.repository_owner - with: - export-env: true - env: - OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - QUILL_NOTARY_KEY: ${{ secrets.OP_QUILL_NOTARY_KEY }} - QUILL_NOTARY_KEY_ID: ${{ secrets.OP_QUILL_NOTARY_KEY_ID }} - QUILL_NOTARY_ISSUER: ${{ secrets.OP_QUILL_NOTARY_ISSUER }} - QUILL_SIGN_PASSWORD: ${{ secrets.OP_QUILL_SIGN_PASSWORD }} - QUILL_SIGN_P12: ${{ secrets.OP_QUILL_SIGN_P12 }} + # - name: setup quill + # uses: 1password/load-secrets-action@v2 + # if: startsWith(github.ref, 'refs/tags/') == true && github.actor == github.repository_owner + # with: + # export-env: true + # env: + # OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + # QUILL_NOTARY_KEY: ${{ secrets.OP_QUILL_NOTARY_KEY }} + # QUILL_NOTARY_KEY_ID: ${{ secrets.OP_QUILL_NOTARY_KEY_ID }} + # QUILL_NOTARY_ISSUER: ${{ secrets.OP_QUILL_NOTARY_ISSUER }} + # QUILL_SIGN_PASSWORD: ${{ secrets.OP_QUILL_SIGN_PASSWORD }} + # QUILL_SIGN_P12: ${{ secrets.OP_QUILL_SIGN_P12 }} - name: run goreleaser uses: goreleaser/goreleaser-action@v6 with: From fb9acc0f017d2d19afd1d89d393f33d6166837de Mon Sep 17 00:00:00 2001 From: Cory Bekker Date: Mon, 6 Jan 2025 16:12:38 -0800 Subject: [PATCH 2/8] add upload-release-action --- .github/workflows/goreleaser.yml | 179 ++++++++++++++++++------------- 1 file changed, 102 insertions(+), 77 deletions(-) diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml index 41e69415..bc25a619 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/goreleaser.yml @@ -19,82 +19,107 @@ permissions: jobs: release: + name: Publish binaries runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - if: github.event_name == 'pull_request' - with: - fetch-depth: 0 - ref: ${{ github.event.pull_request.head.ref }} - - uses: actions/checkout@v4 - if: github.event_name != 'pull_request' - with: - fetch-depth: 0 - - name: setup-go - uses: actions/setup-go@v5 - with: - go-version: 1.21.x - - name: setup qemu - id: qemu - uses: docker/setup-qemu-action@v3 - - name: setup docker buildx - id: buildx - uses: docker/setup-buildx-action@v3 - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: install cosign - uses: sigstore/cosign-installer@v3 - - name: install quill - env: - QUILL_VERSION: 0.4.1 - run: | - curl -Lo /tmp/quill_${QUILL_VERSION}_linux_amd64.tar.gz https://github.com/anchore/quill/releases/download/v${QUILL_VERSION}/quill_${QUILL_VERSION}_linux_amd64.tar.gz - tar -xvf /tmp/quill_${QUILL_VERSION}_linux_amd64.tar.gz -C /tmp - mv /tmp/quill /usr/local/bin/quill - chmod +x /usr/local/bin/quill - - name: set goreleaser default args - if: startsWith(github.ref, 'refs/tags/') == true - run: | - echo "GORELEASER_ARGS=" >> $GITHUB_ENV - - name: set goreleaser args for branch - if: startsWith(github.ref, 'refs/tags/') == false - run: | - echo "GORELEASER_ARGS=--snapshot" >> $GITHUB_ENV - - name: set goreleaser args renovate - if: startsWith(github.ref, 'refs/heads/renovate') == true - run: | - echo "GORELEASER_ARGS=--snapshot --skip-publish" >> $GITHUB_ENV - # - name: setup quill - # uses: 1password/load-secrets-action@v2 - # if: startsWith(github.ref, 'refs/tags/') == true && github.actor == github.repository_owner - # with: - # export-env: true - # env: - # OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - # QUILL_NOTARY_KEY: ${{ secrets.OP_QUILL_NOTARY_KEY }} - # QUILL_NOTARY_KEY_ID: ${{ secrets.OP_QUILL_NOTARY_KEY_ID }} - # QUILL_NOTARY_ISSUER: ${{ secrets.OP_QUILL_NOTARY_ISSUER }} - # QUILL_SIGN_PASSWORD: ${{ secrets.OP_QUILL_SIGN_PASSWORD }} - # QUILL_SIGN_P12: ${{ secrets.OP_QUILL_SIGN_P12 }} - - name: run goreleaser - uses: goreleaser/goreleaser-action@v6 - with: - distribution: goreleaser - version: latest - args: release --clean ${{ env.GORELEASER_ARGS }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: push docker images (for branches) - if: github.ref == 'refs/heads/main' || github.event.pull_request.base.ref == 'main' - run: | - docker images --format "{{.Repository}}:{{.Tag}}" | grep "${{ github.repository }}" | xargs -L1 docker push - - name: upload artifacts - if: ${{ github.event.pull_request.base.ref == 'main' || github.event_name == 'workflow_dispatch' }} - uses: actions/upload-artifact@v4 - with: - name: binaries - path: releases/*.tar.gz + - name: Setup Go + uses: actions/setup-go@v5 + with: + go-version: 1.21.x + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Build Project binaries + env: + CGO_ENABLED: 0 + run: | + make xc + - name: Upload binaries to release + uses: svenstaro/upload-release-action@v2 + with: + repo_token: ${{ secrets.GITHUB_TOKEN }} + file: dist/aws* + tag: ${{ github.ref }} + overwrite: true + file_glob: true + # release: + # runs-on: ubuntu-latest + # steps: + # - uses: actions/checkout@v4 + # if: github.event_name == 'pull_request' + # with: + # fetch-depth: 0 + # ref: ${{ github.event.pull_request.head.ref }} + # - uses: actions/checkout@v4 + # if: github.event_name != 'pull_request' + # with: + # fetch-depth: 0 + # - name: setup-go + # uses: actions/setup-go@v5 + # with: + # go-version: 1.21.x + # - name: setup qemu + # id: qemu + # uses: docker/setup-qemu-action@v3 + # - name: setup docker buildx + # id: buildx + # uses: docker/setup-buildx-action@v3 + # - name: Login to GitHub Container Registry + # uses: docker/login-action@v3 + # with: + # registry: ghcr.io + # username: ${{ github.actor }} + # password: ${{ secrets.GITHUB_TOKEN }} + # - name: install cosign + # uses: sigstore/cosign-installer@v3 + # - name: install quill + # env: + # QUILL_VERSION: 0.4.1 + # run: | + # curl -Lo /tmp/quill_${QUILL_VERSION}_linux_amd64.tar.gz https://github.com/anchore/quill/releases/download/v${QUILL_VERSION}/quill_${QUILL_VERSION}_linux_amd64.tar.gz + # tar -xvf /tmp/quill_${QUILL_VERSION}_linux_amd64.tar.gz -C /tmp + # mv /tmp/quill /usr/local/bin/quill + # chmod +x /usr/local/bin/quill + # - name: set goreleaser default args + # if: startsWith(github.ref, 'refs/tags/') == true + # run: | + # echo "GORELEASER_ARGS=" >> $GITHUB_ENV + # - name: set goreleaser args for branch + # if: startsWith(github.ref, 'refs/tags/') == false + # run: | + # echo "GORELEASER_ARGS=--snapshot" >> $GITHUB_ENV + # - name: set goreleaser args renovate + # if: startsWith(github.ref, 'refs/heads/renovate') == true + # run: | + # echo "GORELEASER_ARGS=--snapshot --skip-publish" >> $GITHUB_ENV + # - name: setup quill + # uses: 1password/load-secrets-action@v2 + # if: startsWith(github.ref, 'refs/tags/') == true && github.actor == github.repository_owner + # with: + # export-env: true + # env: + # OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + # QUILL_NOTARY_KEY: ${{ secrets.OP_QUILL_NOTARY_KEY }} + # QUILL_NOTARY_KEY_ID: ${{ secrets.OP_QUILL_NOTARY_KEY_ID }} + # QUILL_NOTARY_ISSUER: ${{ secrets.OP_QUILL_NOTARY_ISSUER }} + # QUILL_SIGN_PASSWORD: ${{ secrets.OP_QUILL_SIGN_PASSWORD }} + # QUILL_SIGN_P12: ${{ secrets.OP_QUILL_SIGN_P12 }} + # - name: run goreleaser + # uses: goreleaser/goreleaser-action@v6 + # with: + # distribution: goreleaser + # version: latest + # args: release --clean ${{ env.GORELEASER_ARGS }} + # env: + # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # - name: push docker images (for branches) + # if: github.ref == 'refs/heads/main' || github.event.pull_request.base.ref == 'main' + # run: | + # docker images --format "{{.Repository}}:{{.Tag}}" | grep "${{ github.repository }}" | xargs -L1 docker push + # - name: upload artifacts + # if: ${{ github.event.pull_request.base.ref == 'main' || github.event_name == 'workflow_dispatch' }} + # uses: actions/upload-artifact@v4 + # with: + # name: binaries + # path: releases/*.tar.gz From d1da30e8d7a10949290b0a0bb64f57751f86fd7d Mon Sep 17 00:00:00 2001 From: Cory Bekker Date: Tue, 7 Jan 2025 09:01:35 -0800 Subject: [PATCH 3/8] remove signing of binaries --- .github/workflows/goreleaser.yml | 179 +++++++++++++------------------ .goreleaser.yml | 16 +-- 2 files changed, 85 insertions(+), 110 deletions(-) diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml index bc25a619..cb8a34c1 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/goreleaser.yml @@ -19,107 +19,82 @@ permissions: jobs: release: - name: Publish binaries runs-on: ubuntu-latest steps: - - name: Setup Go - uses: actions/setup-go@v5 - with: - go-version: 1.21.x - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Build Project binaries - env: - CGO_ENABLED: 0 - run: | - make xc - - name: Upload binaries to release - uses: svenstaro/upload-release-action@v2 - with: - repo_token: ${{ secrets.GITHUB_TOKEN }} - file: dist/aws* - tag: ${{ github.ref }} - overwrite: true - file_glob: true - # release: - # runs-on: ubuntu-latest - # steps: - # - uses: actions/checkout@v4 - # if: github.event_name == 'pull_request' - # with: - # fetch-depth: 0 - # ref: ${{ github.event.pull_request.head.ref }} - # - uses: actions/checkout@v4 - # if: github.event_name != 'pull_request' - # with: - # fetch-depth: 0 - # - name: setup-go - # uses: actions/setup-go@v5 - # with: - # go-version: 1.21.x - # - name: setup qemu - # id: qemu - # uses: docker/setup-qemu-action@v3 - # - name: setup docker buildx - # id: buildx - # uses: docker/setup-buildx-action@v3 - # - name: Login to GitHub Container Registry - # uses: docker/login-action@v3 - # with: - # registry: ghcr.io - # username: ${{ github.actor }} - # password: ${{ secrets.GITHUB_TOKEN }} - # - name: install cosign - # uses: sigstore/cosign-installer@v3 - # - name: install quill - # env: - # QUILL_VERSION: 0.4.1 - # run: | - # curl -Lo /tmp/quill_${QUILL_VERSION}_linux_amd64.tar.gz https://github.com/anchore/quill/releases/download/v${QUILL_VERSION}/quill_${QUILL_VERSION}_linux_amd64.tar.gz - # tar -xvf /tmp/quill_${QUILL_VERSION}_linux_amd64.tar.gz -C /tmp - # mv /tmp/quill /usr/local/bin/quill - # chmod +x /usr/local/bin/quill - # - name: set goreleaser default args - # if: startsWith(github.ref, 'refs/tags/') == true - # run: | - # echo "GORELEASER_ARGS=" >> $GITHUB_ENV - # - name: set goreleaser args for branch - # if: startsWith(github.ref, 'refs/tags/') == false - # run: | - # echo "GORELEASER_ARGS=--snapshot" >> $GITHUB_ENV - # - name: set goreleaser args renovate - # if: startsWith(github.ref, 'refs/heads/renovate') == true - # run: | - # echo "GORELEASER_ARGS=--snapshot --skip-publish" >> $GITHUB_ENV - # - name: setup quill - # uses: 1password/load-secrets-action@v2 - # if: startsWith(github.ref, 'refs/tags/') == true && github.actor == github.repository_owner - # with: - # export-env: true - # env: - # OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - # QUILL_NOTARY_KEY: ${{ secrets.OP_QUILL_NOTARY_KEY }} - # QUILL_NOTARY_KEY_ID: ${{ secrets.OP_QUILL_NOTARY_KEY_ID }} - # QUILL_NOTARY_ISSUER: ${{ secrets.OP_QUILL_NOTARY_ISSUER }} - # QUILL_SIGN_PASSWORD: ${{ secrets.OP_QUILL_SIGN_PASSWORD }} - # QUILL_SIGN_P12: ${{ secrets.OP_QUILL_SIGN_P12 }} - # - name: run goreleaser - # uses: goreleaser/goreleaser-action@v6 - # with: - # distribution: goreleaser - # version: latest - # args: release --clean ${{ env.GORELEASER_ARGS }} - # env: - # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # - name: push docker images (for branches) - # if: github.ref == 'refs/heads/main' || github.event.pull_request.base.ref == 'main' - # run: | - # docker images --format "{{.Repository}}:{{.Tag}}" | grep "${{ github.repository }}" | xargs -L1 docker push - # - name: upload artifacts - # if: ${{ github.event.pull_request.base.ref == 'main' || github.event_name == 'workflow_dispatch' }} - # uses: actions/upload-artifact@v4 - # with: - # name: binaries - # path: releases/*.tar.gz + - uses: actions/checkout@v4 + if: github.event_name == 'pull_request' + with: + fetch-depth: 0 + ref: ${{ github.event.pull_request.head.ref }} + - uses: actions/checkout@v4 + if: github.event_name != 'pull_request' + with: + fetch-depth: 0 + - name: setup-go + uses: actions/setup-go@v5 + with: + go-version: 1.21.x + - name: setup qemu + id: qemu + uses: docker/setup-qemu-action@v3 + - name: setup docker buildx + id: buildx + uses: docker/setup-buildx-action@v3 + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: install cosign + uses: sigstore/cosign-installer@v3 + - name: install quill + env: + QUILL_VERSION: 0.4.1 + run: | + curl -Lo /tmp/quill_${QUILL_VERSION}_linux_amd64.tar.gz https://github.com/anchore/quill/releases/download/v${QUILL_VERSION}/quill_${QUILL_VERSION}_linux_amd64.tar.gz + tar -xvf /tmp/quill_${QUILL_VERSION}_linux_amd64.tar.gz -C /tmp + mv /tmp/quill /usr/local/bin/quill + chmod +x /usr/local/bin/quill + - name: set goreleaser default args + if: startsWith(github.ref, 'refs/tags/') == true + run: | + echo "GORELEASER_ARGS=" >> $GITHUB_ENV + - name: set goreleaser args for branch + if: startsWith(github.ref, 'refs/tags/') == false + run: | + echo "GORELEASER_ARGS=--snapshot" >> $GITHUB_ENV + - name: set goreleaser args renovate + if: startsWith(github.ref, 'refs/heads/renovate') == true + run: | + echo "GORELEASER_ARGS=--snapshot --skip-publish" >> $GITHUB_ENV + - name: setup quill + uses: 1password/load-secrets-action@v2 + if: startsWith(github.ref, 'refs/tags/') == true && github.actor == github.repository_owner + with: + export-env: true + env: + OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} + QUILL_NOTARY_KEY: ${{ secrets.OP_QUILL_NOTARY_KEY }} + QUILL_NOTARY_KEY_ID: ${{ secrets.OP_QUILL_NOTARY_KEY_ID }} + QUILL_NOTARY_ISSUER: ${{ secrets.OP_QUILL_NOTARY_ISSUER }} + QUILL_SIGN_PASSWORD: ${{ secrets.OP_QUILL_SIGN_PASSWORD }} + QUILL_SIGN_P12: ${{ secrets.OP_QUILL_SIGN_P12 }} + - name: run goreleaser + uses: goreleaser/goreleaser-action@v6 + with: + distribution: goreleaser + version: latest + args: release --clean ${{ env.GORELEASER_ARGS }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: push docker images (for branches) + if: github.ref == 'refs/heads/main' || github.event.pull_request.base.ref == 'main' + run: | + docker images --format "{{.Repository}}:{{.Tag}}" | grep "${{ github.repository }}" | xargs -L1 docker push + - name: upload artifacts + if: ${{ github.event.pull_request.base.ref == 'main' || github.event_name == 'workflow_dispatch' }} + uses: actions/upload-artifact@v4 + with: + name: binaries + path: releases/*.tar.gz diff --git a/.goreleaser.yml b/.goreleaser.yml index ac6f3ee9..30d2dddd 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -107,14 +107,14 @@ docker_manifests: - ghcr.io/ekristen/aws-nuke:v{{ .Version }}-amd64 - ghcr.io/ekristen/aws-nuke:v{{ .Version }}-arm64 - ghcr.io/ekristen/aws-nuke:v{{ .Version }}-arm32v7 -signs: - - ids: - - default - cmd: cosign - signature: "${artifact}.sig" - certificate: "${artifact}.pem" - args: ["sign-blob", "--yes", "--oidc-provider=github", "--oidc-issuer=https://token.actions.githubusercontent.com", "--output-certificate=${certificate}", "--output-signature=${signature}", "${artifact}"] - artifacts: all +# signs: +# - ids: +# - default +# cmd: cosign +# signature: "${artifact}.sig" +# certificate: "${artifact}.pem" +# args: ["sign-blob", "--yes", "--oidc-provider=github", "--oidc-issuer=https://token.actions.githubusercontent.com", "--output-certificate=${certificate}", "--output-signature=${signature}", "${artifact}"] +# artifacts: all docker_signs: - ids: - default From 89f70203534dfbc086fac68989bec042514384fd Mon Sep 17 00:00:00 2001 From: Cory Bekker Date: Tue, 7 Jan 2025 09:31:20 -0800 Subject: [PATCH 4/8] remove post hook signing --- .goreleaser.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.goreleaser.yml b/.goreleaser.yml index 30d2dddd..b3e1abb3 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -35,16 +35,16 @@ builds: - -X '{{ .ModulePath }}/pkg/common.BRANCH={{ .Branch }}' - -X '{{ .ModulePath }}/pkg/common.VERSION={{ .Tag }}' - -X '{{ .ModulePath }}/pkg/common.COMMIT={{ .Commit }}' - hooks: - post: - - cmd: | - {{- if eq .Os "darwin" -}} - quill sign-and-notarize "{{ .Path }}" --dry-run={{ .IsSnapshot }} --ad-hoc={{ .IsSnapshot }} -vv - {{- else -}} - true - {{- end -}} - env: - - QUILL_LOG_FILE=/tmp/quill-{{ .Target }}.log + # hooks: + # post: + # - cmd: | + # {{- if eq .Os "darwin" -}} + # quill sign-and-notarize "{{ .Path }}" --dry-run={{ .IsSnapshot }} --ad-hoc={{ .IsSnapshot }} -vv + # {{- else -}} + # true + # {{- end -}} + # env: + # - QUILL_LOG_FILE=/tmp/quill-{{ .Target }}.log archives: - id: default builds: From 89a7088633c53287085b891d9cffa126aa87cc57 Mon Sep 17 00:00:00 2001 From: Cory Bekker Date: Tue, 7 Jan 2025 10:21:19 -0800 Subject: [PATCH 5/8] remove docker build and push from goreleaser --- .goreleaser.yml | 148 ++++++++++++++++++++++++------------------------ 1 file changed, 74 insertions(+), 74 deletions(-) diff --git a/.goreleaser.yml b/.goreleaser.yml index b3e1abb3..0f6e9723 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -45,68 +45,68 @@ builds: # {{- end -}} # env: # - QUILL_LOG_FILE=/tmp/quill-{{ .Target }}.log -archives: - - id: default - builds: - - default - name_template: "{{ .ProjectName }}-v{{ .Version }}-{{ .Os }}-{{ .Arch }}{{ .Arm }}" - format_overrides: - - goos: windows - format: zip -dockers: - - use: buildx - goos: linux - goarch: amd64 - dockerfile: Dockerfile - image_templates: - - ghcr.io/ekristen/aws-nuke:v{{ .Version }}-amd64 - build_flag_templates: - - "--target=goreleaser" - - "--pull" - - "--label=org.opencontainers.image.created={{.Date}}" - - "--label=org.opencontainers.image.title={{.ProjectName}}" - - "--label=org.opencontainers.image.revision={{.FullCommit}}" - - "--label=org.opencontainers.image.version={{.Version}}" - - "--label=org.opencontainers.image.source=https://github.com/ekristen/aws-nuke" - - "--platform=linux/amd64" - - use: buildx - goos: linux - goarch: arm64 - dockerfile: Dockerfile - image_templates: - - ghcr.io/ekristen/aws-nuke:v{{ .Version }}-arm64 - build_flag_templates: - - "--platform=linux/arm64" - - "--target=goreleaser" - - "--pull" - - "--label=org.opencontainers.image.created={{.Date}}" - - "--label=org.opencontainers.image.title={{.ProjectName}}" - - "--label=org.opencontainers.image.revision={{.FullCommit}}" - - "--label=org.opencontainers.image.version={{.Version}}" - - '--label=org.opencontainers.image.source={{replace (replace (replace .GitURL "git@" "https://") ".git" "") "github.com:" "github.com/"}}' - - use: buildx - goos: linux - goarch: arm - goarm: "7" - dockerfile: Dockerfile - image_templates: - - ghcr.io/ekristen/aws-nuke:v{{ .Version }}-arm32v7 - build_flag_templates: - - "--platform=linux/arm/v7" - - "--target=goreleaser" - - "--pull" - - "--label=org.opencontainers.image.created={{.Date}}" - - "--label=org.opencontainers.image.title={{.ProjectName}}" - - "--label=org.opencontainers.image.revision={{.FullCommit}}" - - "--label=org.opencontainers.image.version={{.Version}}" - - '--label=org.opencontainers.image.source={{replace (replace (replace .GitURL "git@" "https://") ".git" "") "github.com:" "github.com/"}}' -docker_manifests: - - use: docker - name_template: ghcr.io/ekristen/aws-nuke:v{{ .Version }} - image_templates: - - ghcr.io/ekristen/aws-nuke:v{{ .Version }}-amd64 - - ghcr.io/ekristen/aws-nuke:v{{ .Version }}-arm64 - - ghcr.io/ekristen/aws-nuke:v{{ .Version }}-arm32v7 +# archives: +# - id: default +# builds: +# - default +# name_template: "{{ .ProjectName }}-v{{ .Version }}-{{ .Os }}-{{ .Arch }}{{ .Arm }}" +# format_overrides: +# - goos: windows +# format: zip +# dockers: +# - use: buildx +# goos: linux +# goarch: amd64 +# dockerfile: Dockerfile +# image_templates: +# - ghcr.io/ekristen/aws-nuke:v{{ .Version }}-amd64 +# build_flag_templates: +# - "--target=goreleaser" +# - "--pull" +# - "--label=org.opencontainers.image.created={{.Date}}" +# - "--label=org.opencontainers.image.title={{.ProjectName}}" +# - "--label=org.opencontainers.image.revision={{.FullCommit}}" +# - "--label=org.opencontainers.image.version={{.Version}}" +# - "--label=org.opencontainers.image.source=https://github.com/ekristen/aws-nuke" +# - "--platform=linux/amd64" +# - use: buildx +# goos: linux +# goarch: arm64 +# dockerfile: Dockerfile +# image_templates: +# - ghcr.io/ekristen/aws-nuke:v{{ .Version }}-arm64 +# build_flag_templates: +# - "--platform=linux/arm64" +# - "--target=goreleaser" +# - "--pull" +# - "--label=org.opencontainers.image.created={{.Date}}" +# - "--label=org.opencontainers.image.title={{.ProjectName}}" +# - "--label=org.opencontainers.image.revision={{.FullCommit}}" +# - "--label=org.opencontainers.image.version={{.Version}}" +# - '--label=org.opencontainers.image.source={{replace (replace (replace .GitURL "git@" "https://") ".git" "") "github.com:" "github.com/"}}' +# - use: buildx +# goos: linux +# goarch: arm +# goarm: "7" +# dockerfile: Dockerfile +# image_templates: +# - ghcr.io/ekristen/aws-nuke:v{{ .Version }}-arm32v7 +# build_flag_templates: +# - "--platform=linux/arm/v7" +# - "--target=goreleaser" +# - "--pull" +# - "--label=org.opencontainers.image.created={{.Date}}" +# - "--label=org.opencontainers.image.title={{.ProjectName}}" +# - "--label=org.opencontainers.image.revision={{.FullCommit}}" +# - "--label=org.opencontainers.image.version={{.Version}}" +# - '--label=org.opencontainers.image.source={{replace (replace (replace .GitURL "git@" "https://") ".git" "") "github.com:" "github.com/"}}' +# docker_manifests: +# - use: docker +# name_template: ghcr.io/ekristen/aws-nuke:v{{ .Version }} +# image_templates: +# - ghcr.io/ekristen/aws-nuke:v{{ .Version }}-amd64 +# - ghcr.io/ekristen/aws-nuke:v{{ .Version }}-arm64 +# - ghcr.io/ekristen/aws-nuke:v{{ .Version }}-arm32v7 # signs: # - ids: # - default @@ -115,15 +115,15 @@ docker_manifests: # certificate: "${artifact}.pem" # args: ["sign-blob", "--yes", "--oidc-provider=github", "--oidc-issuer=https://token.actions.githubusercontent.com", "--output-certificate=${certificate}", "--output-signature=${signature}", "${artifact}"] # artifacts: all -docker_signs: - - ids: - - default - artifacts: all - cmd: cosign - args: ["sign", "--yes", "--oidc-provider=github", "--oidc-issuer=https://token.actions.githubusercontent.com", "--output-certificate=${certificate}", "--output-signature=${signature}", "${artifact}"] -checksum: - name_template: "checksums.txt" -snapshot: - name_template: '{{ trimprefix .Summary "v" }}' -changelog: - disable: true +# docker_signs: +# - ids: +# - default +# artifacts: all +# cmd: cosign +# args: ["sign", "--yes", "--oidc-provider=github", "--oidc-issuer=https://token.actions.githubusercontent.com", "--output-certificate=${certificate}", "--output-signature=${signature}", "${artifact}"] +# checksum: +# name_template: "checksums.txt" +# snapshot: +# name_template: '{{ trimprefix .Summary "v" }}' +# changelog: +# disable: true From 3ee1f66d26e628bffbb613290b09aab6df99bd48 Mon Sep 17 00:00:00 2001 From: Cory Bekker Date: Tue, 7 Jan 2025 11:14:54 -0800 Subject: [PATCH 6/8] remove release step because we are already manually creating a release manually --- .goreleaser.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.goreleaser.yml b/.goreleaser.yml index 0f6e9723..4e4db99b 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,9 +1,9 @@ version: 2 dist: releases -release: - github: - owner: ekristen - name: aws-nuke +# release: +# github: +# owner: ekristen +# name: aws-nuke builds: - id: default env: From af10e9e5988e98a020fb6b0ba0218d2a404a4bdc Mon Sep 17 00:00:00 2001 From: Cory Bekker Date: Tue, 7 Jan 2025 12:05:45 -0800 Subject: [PATCH 7/8] explicitly disable releases --- .goreleaser.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.goreleaser.yml b/.goreleaser.yml index 4e4db99b..909850fa 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,9 +1,7 @@ version: 2 dist: releases -# release: -# github: -# owner: ekristen -# name: aws-nuke +release: + disable: true builds: - id: default env: From 0f8140603bf167ebd03833239e9804caf42117d0 Mon Sep 17 00:00:00 2001 From: Cory Bekker Date: Tue, 7 Jan 2025 12:26:57 -0800 Subject: [PATCH 8/8] update release section to use oreilly repo --- .goreleaser.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.goreleaser.yml b/.goreleaser.yml index 909850fa..d7614001 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,7 +1,9 @@ version: 2 dist: releases release: - disable: true + github: + owner: oreillymedia + name: aws-nuke-v2 builds: - id: default env: