diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 1dccded..c495731 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,44 +1,40 @@ -name: Release +name: release on: - workflow_run: - workflows: ["Test"] - types: - - completed - create: + push: tags: - "v*.*.*" +permissions: + contents: write + packages: write + jobs: - build-and-release: - if: github.event.workflow_run.conclusion == 'success' + test: + uses: ./.github/workflows/test.yml + goreleaser: runs-on: ubuntu-latest - - permissions: - contents: write - steps: - - uses: actions/checkout@v4 - + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 - name: Set up Go uses: actions/setup-go@v5 with: go-version-file: "go.mod" - - - name: Build - run: go build -v -o ./bin/ ./... - - - name: Create Release - if: startsWith(github.ref, 'refs/tags/') - uses: softprops/action-gh-release@v2 + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 with: - files: | - Release.txt - LICENSE - ./bin/prometheus-cve-exporter - - - name: Upload to GitHub Packages - uses: actions/upload-artifact@v4 + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@v6 with: - name: prometheus-cve-exporter - path: ./bin/prometheus-cve-exporter + distribution: goreleaser + # 'latest', 'nightly', or a semver + version: "~> v1" + args: release --clean + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index f666ab9..c6e2c63 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -1,6 +1,6 @@ name: Test - on: + workflow_call: push: branches: - main diff --git a/.goreleaser.yaml b/.goreleaser.yaml new file mode 100644 index 0000000..392db84 --- /dev/null +++ b/.goreleaser.yaml 
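Review bot: The `goreleaser` job has no `needs:` on the new `test` job, so the GitHub release and the ghcr.io push run in parallel with the tests instead of after them; the removed `workflow_run` success condition was the only gate, and `needs: test` under `goreleaser:` restores it. The `test` job also calls `./.github/workflows/test.yml`, while the file this commit edits is `.github/workflows/test.yaml`, so the reference should read `uses: ./.github/workflows/test.yaml`. The `permissions:` block (`contents: write`, `packages: write`) moved from the job to the workflow level and now also covers the job that calls the test workflow, unless `test.yaml` narrows it itself. Scoping it to `goreleaser` again keeps the test run on a read-only token. The two third-party actions that receive the write-scoped token (`docker/login-action@v3`, `goreleaser/goreleaser-action@v6`) are referenced by mutable tag, so pinning them to a commit SHA is worth considering.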
@@ -0,0 +1,36 @@
+project_name: prometheus-cve-exporter
+builds:
+ - env: [CGO_ENABLED=0]
+ main: ./cmd/prometheus-cve-exporter
+ goos:
+ - linux
+ - windows
+ - darwin
+ goarch:
+ - amd64
+ - arm64
+dockers:
+ - image_templates:
+ - "ghcr.io/zadjadr/prometheus-cve-exporter:{{ .Tag }}"
+ - "ghcr.io/zadjadr/prometheus-cve-exporter:v{{ .Major }}"
+ - "ghcr.io/zadjadr/prometheus-cve-exporter:v{{ .Major }}.{{ .Minor }}"
+ - "ghcr.io/zadjadr/prometheus-cve-exporter:latest"
+ dockerfile: Dockerfile
+ build_flag_templates:
+ - --label=org.opencontainers.image.title={{ .ProjectName }}
+ - --label=org.opencontainers.image.description="Prometheus CVE Exporter is a Golang application that scans your system for all installed packages and compares them with the recent NVD JSON feed. It exports metrics that provide insights into the security status of your packages."
+ - --label=org.opencontainers.image.url=https://github.com/zadjadr/prometheus-cve-exporter
+ - --label=org.opencontainers.image.source=https://github.com/zadjadr/prometheus-cve-exporter
+ - --label=org.opencontainers.image.version=v{{ .Major }}.{{ .Minor }}"
+ - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}
+ - --label=org.opencontainers.image.revision={{ .FullCommit }}
+ - --label=org.opencontainers.image.licenses=MIT
+nfpms:
+ - maintainer: Zadjad Rezai
+ description: Prometheus CVE Exporter is a Golang application that scans your system for all installed packages and compares them with the recent NVD JSON feed. It exports metrics that provide insights into the security status of your packages.
+ homepage: https://github.com/zadjadr/prometheus-cve-exporter
+ license: MIT
+ formats:
+ - deb
+ - rpm
+ - apk
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..74ddd31
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,3 @@
+FROM scratch
+COPY prometheus-cve-exporter /usr/bin/prometheus-cve-exporter
+ENTRYPOINT ["/usr/bin/prometheus-cve-exporter"]
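Review bot: The `org.opencontainers.image.version` label in `build_flag_templates` ends with a stray `"` and is built from `.Major`/`.Minor` only, so the label would carry a literal quote and no patch level and would match neither the pushed tag nor the release. Since `{{ .Tag }}` is already used for the image name, `- --label=org.opencontainers.image.version={{ .Tag }}` gives a label that can be checked against the pulled tag when auditing which build is deployed. The double quotes around the description label are probably passed to docker literally as well (no shell appears to be involved), so they can likely be dropped. The section also publishes the mutable tags `latest`, `v{{ .Major }}` and `v{{ .Major }}.{{ .Minor }}`; a comment such as `# floating tags are re-pointed on every release; pin by digest in deployments` above `image_templates` would make that explicit.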
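Review bot: The image has no `USER` instruction, so the exporter runs as UID 0 inside the container; adding `USER 65532:65532` before `ENTRYPOINT` is enough for a static binary on `scratch`. `scratch` also ships no CA bundle, so if the exporter downloads the NVD feed over HTTPS (as the description in `.goreleaser.yaml` suggests), certificate verification will fail unless a `ca-certificates.crt` is copied into `/etc/ssl/certs/` from a builder stage or the build context. That belongs in the image rather than in relaxed TLS verification on the client side.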