mirror/ nfpm
1
1
Fork 0
mirror of https://github.com/goreleaser/nfpm synced 2024-05-05 16:06:27 +02:00
Code Issues Releases Activity

build: use nix flake (#761) 

* build: use nix flake

Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>

* docs: fmt

---------

Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
This commit is contained in:
Carlos Alexandro Becker 2023-12-28 20:47:17 -03:00 committed by GitHub
parent 440588e9d2
commit a117582d8c
Signed by: GitHub
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 164 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.envrc
View File

@ -1 +1 @@
use nix
use flake

28
.github/workflows/docs.yml vendored
View File

@ -3,27 +3,25 @@ name: docs
on:
push:
branches:
- 'main'
- "main"
paths:
- '.github/workflows/htmltest.yml'
- 'www/*'
pull_request: {}
- "www/**/*"
- ".github/workflows/docs.yml"
pull_request:
paths:
- "www/**/*"
- ".github/workflows/docs.yml"
permissions: read-all
permissions:
contents: read
jobs:
htmltest:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: arduino/setup-task@v1
- uses: cachix/install-nix-action@v24
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/setup-go@v5
with:
go-version: stable
- run: task docs:build
- uses: wjdp/htmltest-action@master
with:
path: www/site
config: www/htmltest.yml
nix_path: nixpkgs=channel:nixos-unstable
github_access_token: ${{ secrets.GITHUB_TOKEN }}
- run: nix develop .#docs --command ci-docs

1
.gitignore vendored
View File

@ -20,3 +20,4 @@ manpages
output.json
!acceptance_test.go
.direnv/
tmp/

6
Taskfile.yml
View File

@ -139,6 +139,12 @@ tasks:
- task: docs:generate
- "mkdocs build -f www/mkdocs.yml"
docs:test:
desc: Test docs with htmltest
cmds:
- task: docs:build
- "htmltest www/site -c www/htmltest.yml"
release:
desc: Create a new tag
vars:

78
flake.lock Normal file
View File

@ -0,0 +1,78 @@
{
"nodes": {
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1701680307,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1703438236,
"narHash": "sha256-aqVBq1u09yFhL7bj1/xyUeJjzr92fXVvQSSEx6AdB1M=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "5f64a12a728902226210bf01d25ec6cbb9d9265b",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs",
"staging": "staging"
}
},
"staging": {
"locked": {
"lastModified": 1703777495,
"narHash": "sha256-ISkNWa58+6Uk/nQ47omTETrV+yhKFbnU/wR9n+3ux8g=",
"owner": "caarlos0",
"repo": "nixpkgs",
"rev": "e1d1738a056a052aedb6560c240b2749af33fee0",
"type": "github"
},
"original": {
"owner": "caarlos0",
"ref": "wip",
"repo": "nixpkgs",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

46
flake.nix Normal file
View File

@ -0,0 +1,46 @@
{
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
staging.url = "github:caarlos0/nixpkgs/wip";
flake-utils.url = "github:numtide/flake-utils";
};
outputs = { nixpkgs, staging, flake-utils, ... }:
flake-utils.lib.eachDefaultSystem (system:
let
pkgs = nixpkgs.legacyPackages.${system};
staging-pkgs = staging.legacyPackages.${system};
in
{
packages.default = pkgs.buildGoModule {
pname = "nfpm";
version = "unversioned";
src = ./.;
ldflags = [ "-s" "-w" "-X main.version=dev" "-X main.builtBy=flake" ];
doCheck = false;
vendorHash = "sha256-P9jSQG6EyVGMZKtThy8Q7Y/pV7mbMl2eGrylea0VHRc=";
};
devShells.default = pkgs.mkShell {
packages = with pkgs; with staging-pkgs.python311Packages; [
go
go-task
gofumpt
];
shellHook = "go mod tidy";
};
devShells.docs = pkgs.mkShell {
packages = with pkgs; with staging-pkgs.python311Packages; [
(pkgs.writeScriptBin "ci-docs" "task docs:test")
go-task
htmltest
mkdocs-material
mkdocs-minify
] ++ mkdocs-material.passthru.optional-dependencies.git;
};
}
);
}

12
shell.nix
View File

@ -1,12 +0,0 @@
{ pkgs ? import <nixpkgs> { } }:
pkgs.mkShell {
packages = with pkgs; [
go
go-task
gofumpt
python311Packages.mkdocs-material
python311Packages.mkdocs-minify
];
}

33
www/docs/install.md
View File

@ -20,7 +20,8 @@ brew install nfpm
```
!!! info
The [formula in homebrew-core](https://github.com/Homebrew/homebrew-core/blob/master/Formula/nfpm.rb) might be slightly outdated.
The [formula in homebrew-core](https://github.com/Homebrew/homebrew-core/blob/master/Formula/n/nfpm.rb) might be slightly outdated.
Use our homebrew tap to always get the latest updates.
### scoop
@ -73,24 +74,25 @@ All artifacts are checksummed, and the checksum is signed with [cosign][].
1. Download the files you want, the `checksums.txt` and `checksums.txt.sig`
files from the [releases][releases] page:
```bash
wget 'https://github.com/goreleaser/nfpm/releases/download/__VERSION__/checksums.txt'
```
```bash
wget 'https://github.com/goreleaser/nfpm/releases/download/__VERSION__/checksums.txt'
```
1. Verify the signature:
```bash
cosign verify-blob \
--certificate-identity 'https://github.com/goreleaser/nfpm/.github/workflows/release.yml@refs/tags/__VERSION__' \
--certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
--signature 'https://github.com/goreleaser/nfpm/releases/download/__VERSION__/checksums.txt.sig' \
--cert 'https://github.com/goreleaser/nfpm/releases/download/__VERSION__/checksums.txt.pem' \
checksums.txt
```
```bash
cosign verify-blob \
--certificate-identity 'https://github.com/goreleaser/nfpm/.github/workflows/release.yml@refs/tags/__VERSION__' \
--certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
--signature 'https://github.com/goreleaser/nfpm/releases/download/__VERSION__/checksums.txt.sig' \
--cert 'https://github.com/goreleaser/nfpm/releases/download/__VERSION__/checksums.txt.pem' \
checksums.txt
```
1. If the signature is valid, you can then verify the SHA256 sums match with the
downloaded binary:
```bash
sha256sum --ignore-missing -c checksums.txt
```
```bash
sha256sum --ignore-missing -c checksums.txt
```
### docker images
@ -155,4 +157,3 @@ go build -o nfpm ./cmd/nfpm
[releases]: https://github.com/goreleaser/nfpm/releases
[cosign]: https://github.com/sigstore/cosign

4
www/docs/tips.md
View File

@ -200,7 +200,7 @@ On upgrade, the scripts are being executed in the following order:
### The `.lintian-overrides` file
It is recommended to run [lintian](https://lintian.debian.org) against your
It is recommended to run [lintian](https://wiki.debian.org/Lintian) against your
deb packages to see if there are any problems.
You can also add a `lintian-overrides` file:
@ -215,7 +215,7 @@ contents:
mode: 0644
```
You can read more in [lintian's documentation](https://lintian.debian.org/manual/index.html).
You can read more in [lintian's documentation](https://wiki.debian.org/Lintian).
### The `copyright` file