feat: integrate sbom generation to goreleaser #1850

Merged
merged 7 commits into from
Nov 2, 2021
33 changes: 29 additions & 4 deletions .goreleaser.yml
Expand Up @@ -9,6 +9,7 @@ before:
hooks:
- go mod download
- go mod tidy
- go install github.com/CycloneDX/cyclonedx-gomod@v1.0.0

builds:
-
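Review bot: the added `go install github.com/CycloneDX/cyclonedx-gomod@v1.0.0` hook only helps if the Go bin directory is on PATH in the release environment, because the post hooks added further down call `cyclonedx-gomod` by bare name. Please state that requirement in a comment next to this line or in the release docs. Pinning the tool to an exact version is good; keep it to this single place so the SBOM generator is upgraded deliberately.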
Expand All @@ -28,8 +29,11 @@ builds:
- amd64
goos:
- darwin
hooks:
post:
- cmd: cyclonedx-gomod app -licenses -json -output "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Target }}.bom.json"
- cmd: ./.releaser/rename.sh "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Target }}.bom.json"
-

id: kratos-sqlite-darwin-arm
flags:
- -tags
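Review bot: the first added `cmd` runs `cyclonedx-gomod app` with no target or build-tag arguments, yet the output name claims a specific `-sqlite_{{ .Target }}` build. Please confirm the hook runs with the same GOOS, GOARCH and tags as the build it follows. If it does not, each per-target file will list the dependency set resolved for the release host, and the SBOM published next to this artifact would not describe it.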
Expand All @@ -46,7 +50,10 @@ builds:
- arm64
goos:
- darwin

hooks:
post:
- cmd: cyclonedx-gomod app -licenses -json -output "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Target }}.bom.json"
- cmd: ./.releaser/rename.sh "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Target }}.bom.json"
-
id: kratos-sqlite-linux
flags:
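Review bot: the two hook lines here repeat the pair in the previous build entry, and the output path is spelled out twice within the pair, so a later edit to one copy leaves `rename.sh` pointing at a file that was never written. Consider one wrapper script that takes the path once, generates the SBOM and renames it, so each build entry needs a single `cmd` line.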
Expand All @@ -61,7 +68,10 @@ builds:
- amd64
goos:
- linux

hooks:
post:
- cmd: cyclonedx-gomod app -licenses -json -output "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Target }}.bom.json"
- cmd: ./.releaser/rename.sh "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Target }}.bom.json"
-
id: kratos-sqlite-linux-libmusl
flags:
Expand All @@ -77,7 +87,10 @@ builds:
- amd64
goos:
- linux

hooks:
post:
- cmd: cyclonedx-gomod app -licenses -json -output "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite-libmusl_{{ .Target }}.bom.json"
- cmd: ./.releaser/rename.sh "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite-libmusl_{{ .Target }}.bom.json"
-
id: kratos-sqlite-windows
flags:
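Review bot: this build targets linux/amd64 like the preceding kratos-sqlite-linux entry, so the hand-written `-libmusl` suffix in the two paths is the only thing stopping this SBOM from overwriting that one in ./dist. A short comment saying the suffix must stay unique per build id would keep a future copy-paste from silently dropping one of the files.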
Expand All @@ -97,6 +110,10 @@ builds:
- amd64
goos:
- windows
hooks:
post:
- cmd: cyclonedx-gomod app -licenses -json -output "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Target }}.bom.json"
- cmd: ./.releaser/rename.sh "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Target }}.bom.json"

-
id: kratos
Expand All @@ -118,6 +135,10 @@ builds:
- linux
- windows
- darwin
hooks:
post:
- cmd: cyclonedx-gomod app -licenses -json -output "./dist/{{ .ProjectName }}_{{ .Version }}_{{ .Target }}.bom.json"
- cmd: ./.releaser/rename.sh "./dist/{{ .ProjectName }}_{{ .Version }}_{{ .Target }}.bom.json"

archives:
- id: kratos-sqlite
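Review bot: nothing in the added hooks checks that the renamed SBOM lines up with an archive name; for this multi-OS build the match depends on `rename.sh` mirroring the archive replacements by hand. Consider a release-time check that fails when an archive has no `.bom.json` with the same name stem, so a mismatch is caught before publishing.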
Expand Down Expand Up @@ -215,6 +236,8 @@ scoop:

checksum:
algorithm: sha256
extra_files:
- glob: ./dist/*.bom.json

dockers:
- dockerfile: .docker/Dockerfile-sqlite
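Review bot: the glob `./dist/*.bom.json` under `checksum.extra_files` matches any SBOM present in dist, including files left over from an earlier run, and those would be checksummed as part of this release. Make sure the release job always starts from a clean dist directory. The path also hard-codes the output directory used in the build hooks, so all of them need to change together if it ever moves.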
Expand Down Expand Up @@ -245,3 +268,5 @@ release:
- kratos-sqlite
- kratos-sqlite-libmusl
- kratos
extra_files:
- glob: ./dist/*.bom.json
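Review bot: this `release.extra_files` glob has to stay identical to the one added under `checksum`; if the two drift, an SBOM can be uploaded without an entry in the checksum file, or be listed there without being published. A comment tying the two entries together would help. Note that the SBOMs are integrity-protected only through the sha256 list, so they are only as trustworthy as that checksum file is.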
20 changes: 20 additions & 0 deletions .releaser/rename.sh
@@ -0,0 +1,20 @@
#!/bin/bash

# workaround script as goreleaser doesnt support 'replacements' in builds section
# needed to adjust cyclonedx-gomod sbom files to match archive file names
# https://github.com/goreleaser/goreleaser/issues/2617
filename=$1
filename_adjusted=${filename//darwin/macos}
filename_adjusted=${filename_adjusted//386/32bit}
filename_adjusted=${filename_adjusted//amd64/64bit}
filename_adjusted=${filename_adjusted//arm_5/arm32v5}
filename_adjusted=${filename_adjusted//arm_6/arm32v6}
filename_adjusted=${filename_adjusted//arm_7/arm32v7}

if [ "$filename" != "$filename_adjusted" ]; then
echo "Renaming '$filename' to '$filename_adjusted' ..."
mv "$filename" "$filename_adjusted"
else
echo "Skipping file '$filename' ..."
fi
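Review bot: the `${filename//.../...}` substitutions run over the whole argument, directory and version included, so a version string or path that contains `386`, `darwin` or `amd64` is rewritten as well and `mv` then targets the wrong location. Apply the replacements to the basename only, after splitting the argument with `dirname` and `basename`. The script would also benefit from `set -euo pipefail`, a check that `$1` is non-empty, and `mv -n` or an existence test so an SBOM already at the destination is not overwritten without notice.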