From e76466a79f5a44d9a99e68d363bcd8967c233b50 Mon Sep 17 00:00:00 2001 From: zadjadr Date: Thu, 18 Jul 2024 23:46:02 +0200 Subject: [PATCH] ci: use goreleaser --- .github/workflows/release.yaml | 47 +++++++++++++++------------------- .goreleaser.yaml | 32 +++++++++++++++++++++++ Dockerfile | 3 +++ 3 files changed, 55 insertions(+), 27 deletions(-) create mode 100644 .goreleaser.yaml create mode 100644 Dockerfile diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 1dccded..1397b80 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,44 +1,37 @@ -name: Release +name: release on: workflow_run: workflows: ["Test"] types: - completed - create: + push: + # run only against tags tags: - "v*.*.*" +permissions: + contents: write + packages: write + jobs: - build-and-release: - if: github.event.workflow_run.conclusion == 'success' + goreleaser: runs-on: ubuntu-latest - - permissions: - contents: write - steps: - - uses: actions/checkout@v4 - + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 - name: Set up Go uses: actions/setup-go@v5 with: go-version-file: "go.mod" - - - name: Build - run: go build -v -o ./bin/ ./... - - - name: Create Release - if: startsWith(github.ref, 'refs/tags/') - uses: softprops/action-gh-release@v2 - with: - files: | - Release.txt - LICENSE - ./bin/prometheus-cve-exporter - - - name: Upload to GitHub Packages - uses: actions/upload-artifact@v4 + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@v6 with: - name: prometheus-cve-exporter - path: ./bin/prometheus-cve-exporter + distribution: goreleaser + # 'latest', 'nightly', or a semver + version: "~> v1" + args: release --clean + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.goreleaser.yaml b/.goreleaser.yaml new file mode 100644 index 0000000..7de2836 --- /dev/null +++ b/.goreleaser.yaml @@ -0,0 +1,32 @@ +project_name: prometheus-cve-exporter +builds: + - env: [CGO_ENABLED=0] + main: ./cmd/prometheus-cve-exporter + goos: + - linux + - windows + - darwin + goarch: + - amd64 + - arm64 +dockers: + - image_templates: ["ghcr.io/zadjadr/prometheus-cve-exporter:{{ .Version }}"] + dockerfile: Dockerfile + build_flag_templates: + - --label=org.opencontainers.image.title={{ .ProjectName }} + - --label=org.opencontainers.image.description="Prometheus CVE Exporter is a Golang application that scans your system for all installed packages and compares them with the recent NVD JSON feed. It exports metrics that provide insights into the security status of your packages." + - --label=org.opencontainers.image.url=https://github.com/zadjadr/prometheus-cve-exporter + - --label=org.opencontainers.image.source=https://github.com/zadjadr/prometheus-cve-exporter + - --label=org.opencontainers.image.version={{ .Version }} + - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }} + - --label=org.opencontainers.image.revision={{ .FullCommit }} + - --label=org.opencontainers.image.licenses=MIT +nfpms: + - maintainer: Zadjad Rezai + description: Prometheus CVE Exporter is a Golang application that scans your system for all installed packages and compares them with the recent NVD JSON feed. It exports metrics that provide insights into the security status of your packages. + homepage: https://github.com/zadjadr/prometheus-cve-exporter + license: MIT + formats: + - deb + - rpm + - apk diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..74ddd31 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,3 @@ +FROM scratch +COPY prometheus-cve-exporter /usr/bin/prometheus-cve-exporter +ENTRYPOINT ["/usr/bin/prometheus-cve-exporter"]