mirror of
https://github.com/goreleaser/nfpm
synced 2024-05-05 16:06:27 +02:00
build: use nix flake (#761)
* build: use nix flake Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> * docs: fmt --------- Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
This commit is contained in:
parent
440588e9d2
commit
a117582d8c
|
@ -3,27 +3,25 @@ name: docs
|
|||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'main'
|
||||
- "main"
|
||||
paths:
|
||||
- '.github/workflows/htmltest.yml'
|
||||
- 'www/*'
|
||||
pull_request: {}
|
||||
- "www/**/*"
|
||||
- ".github/workflows/docs.yml"
|
||||
pull_request:
|
||||
paths:
|
||||
- "www/**/*"
|
||||
- ".github/workflows/docs.yml"
|
||||
|
||||
permissions: read-all
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
htmltest:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: arduino/setup-task@v1
|
||||
- uses: cachix/install-nix-action@v24
|
||||
with:
|
||||
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
- uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version: stable
|
||||
- run: task docs:build
|
||||
- uses: wjdp/htmltest-action@master
|
||||
with:
|
||||
path: www/site
|
||||
config: www/htmltest.yml
|
||||
nix_path: nixpkgs=channel:nixos-unstable
|
||||
github_access_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
- run: nix develop .#docs --command ci-docs
|
||||
|
|
|
@ -20,3 +20,4 @@ manpages
|
|||
output.json
|
||||
!acceptance_test.go
|
||||
.direnv/
|
||||
tmp/
|
||||
|
|
|
@ -139,6 +139,12 @@ tasks:
|
|||
- task: docs:generate
|
||||
- "mkdocs build -f www/mkdocs.yml"
|
||||
|
||||
docs:test:
|
||||
desc: Test docs with htmltest
|
||||
cmds:
|
||||
- task: docs:build
|
||||
- "htmltest www/site -c www/htmltest.yml"
|
||||
|
||||
release:
|
||||
desc: Create a new tag
|
||||
vars:
|
||||
|
|
|
@ -0,0 +1,78 @@
|
|||
{
|
||||
"nodes": {
|
||||
"flake-utils": {
|
||||
"inputs": {
|
||||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1701680307,
|
||||
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1703438236,
|
||||
"narHash": "sha256-aqVBq1u09yFhL7bj1/xyUeJjzr92fXVvQSSEx6AdB1M=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "5f64a12a728902226210bf01d25ec6cbb9d9265b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"staging": "staging"
|
||||
}
|
||||
},
|
||||
"staging": {
|
||||
"locked": {
|
||||
"lastModified": 1703777495,
|
||||
"narHash": "sha256-ISkNWa58+6Uk/nQ47omTETrV+yhKFbnU/wR9n+3ux8g=",
|
||||
"owner": "caarlos0",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "e1d1738a056a052aedb6560c240b2749af33fee0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "caarlos0",
|
||||
"ref": "wip",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
"version": 7
|
||||
}
|
|
@ -0,0 +1,46 @@
|
|||
{
|
||||
inputs = {
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
staging.url = "github:caarlos0/nixpkgs/wip";
|
||||
flake-utils.url = "github:numtide/flake-utils";
|
||||
};
|
||||
outputs = { nixpkgs, staging, flake-utils, ... }:
|
||||
flake-utils.lib.eachDefaultSystem (system:
|
||||
let
|
||||
pkgs = nixpkgs.legacyPackages.${system};
|
||||
staging-pkgs = staging.legacyPackages.${system};
|
||||
in
|
||||
{
|
||||
packages.default = pkgs.buildGoModule {
|
||||
pname = "nfpm";
|
||||
version = "unversioned";
|
||||
src = ./.;
|
||||
ldflags = [ "-s" "-w" "-X main.version=dev" "-X main.builtBy=flake" ];
|
||||
doCheck = false;
|
||||
vendorHash = "sha256-P9jSQG6EyVGMZKtThy8Q7Y/pV7mbMl2eGrylea0VHRc=";
|
||||
};
|
||||
|
||||
devShells.default = pkgs.mkShell {
|
||||
packages = with pkgs; with staging-pkgs.python311Packages; [
|
||||
go
|
||||
go-task
|
||||
gofumpt
|
||||
];
|
||||
shellHook = "go mod tidy";
|
||||
};
|
||||
|
||||
devShells.docs = pkgs.mkShell {
|
||||
packages = with pkgs; with staging-pkgs.python311Packages; [
|
||||
(pkgs.writeScriptBin "ci-docs" "task docs:test")
|
||||
go-task
|
||||
htmltest
|
||||
mkdocs-material
|
||||
mkdocs-minify
|
||||
] ++ mkdocs-material.passthru.optional-dependencies.git;
|
||||
};
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
|
12
shell.nix
12
shell.nix
|
@ -1,12 +0,0 @@
|
|||
{ pkgs ? import <nixpkgs> { } }:
|
||||
|
||||
pkgs.mkShell {
|
||||
packages = with pkgs; [
|
||||
go
|
||||
go-task
|
||||
gofumpt
|
||||
|
||||
python311Packages.mkdocs-material
|
||||
python311Packages.mkdocs-minify
|
||||
];
|
||||
}
|
|
@ -20,7 +20,8 @@ brew install nfpm
|
|||
```
|
||||
|
||||
!!! info
|
||||
The [formula in homebrew-core](https://github.com/Homebrew/homebrew-core/blob/master/Formula/nfpm.rb) might be slightly outdated.
|
||||
|
||||
The [formula in homebrew-core](https://github.com/Homebrew/homebrew-core/blob/master/Formula/n/nfpm.rb) might be slightly outdated.
|
||||
Use our homebrew tap to always get the latest updates.
|
||||
|
||||
### scoop
|
||||
|
@ -73,24 +74,25 @@ All artifacts are checksummed, and the checksum is signed with [cosign][].
|
|||
|
||||
1. Download the files you want, the `checksums.txt` and `checksums.txt.sig`
|
||||
files from the [releases][releases] page:
|
||||
```bash
|
||||
wget 'https://github.com/goreleaser/nfpm/releases/download/__VERSION__/checksums.txt'
|
||||
```
|
||||
|
||||
```bash
|
||||
wget 'https://github.com/goreleaser/nfpm/releases/download/__VERSION__/checksums.txt'
|
||||
```
|
||||
|
||||
1. Verify the signature:
|
||||
```bash
|
||||
cosign verify-blob \
|
||||
--certificate-identity 'https://github.com/goreleaser/nfpm/.github/workflows/release.yml@refs/tags/__VERSION__' \
|
||||
--certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
|
||||
--signature 'https://github.com/goreleaser/nfpm/releases/download/__VERSION__/checksums.txt.sig' \
|
||||
--cert 'https://github.com/goreleaser/nfpm/releases/download/__VERSION__/checksums.txt.pem' \
|
||||
checksums.txt
|
||||
```
|
||||
```bash
|
||||
cosign verify-blob \
|
||||
--certificate-identity 'https://github.com/goreleaser/nfpm/.github/workflows/release.yml@refs/tags/__VERSION__' \
|
||||
--certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
|
||||
--signature 'https://github.com/goreleaser/nfpm/releases/download/__VERSION__/checksums.txt.sig' \
|
||||
--cert 'https://github.com/goreleaser/nfpm/releases/download/__VERSION__/checksums.txt.pem' \
|
||||
checksums.txt
|
||||
```
|
||||
1. If the signature is valid, you can then verify the SHA256 sums match with the
|
||||
downloaded binary:
|
||||
```bash
|
||||
sha256sum --ignore-missing -c checksums.txt
|
||||
```
|
||||
```bash
|
||||
sha256sum --ignore-missing -c checksums.txt
|
||||
```
|
||||
|
||||
### docker images
|
||||
|
||||
|
@ -155,4 +157,3 @@ go build -o nfpm ./cmd/nfpm
|
|||
|
||||
[releases]: https://github.com/goreleaser/nfpm/releases
|
||||
[cosign]: https://github.com/sigstore/cosign
|
||||
|
||||
|
|
|
@ -200,7 +200,7 @@ On upgrade, the scripts are being executed in the following order:
|
|||
|
||||
### The `.lintian-overrides` file
|
||||
|
||||
It is recommended to run [lintian](https://lintian.debian.org) against your
|
||||
It is recommended to run [lintian](https://wiki.debian.org/Lintian) against your
|
||||
deb packages to see if there are any problems.
|
||||
|
||||
You can also add a `lintian-overrides` file:
|
||||
|
@ -215,7 +215,7 @@ contents:
|
|||
mode: 0644
|
||||
```
|
||||
|
||||
You can read more in [lintian's documentation](https://lintian.debian.org/manual/index.html).
|
||||
You can read more in [lintian's documentation](https://wiki.debian.org/Lintian).
|
||||
|
||||
### The `copyright` file
|
||||
|
||||
|
|
Loading…
Reference in New Issue