before: hooks: # The build is done in this particular way to build Caddy in a designated directory named in .gitignore. # This is so we can run goreleaser on tag without Git complaining of being dirty. The main.go in cmd/caddy directory # cannot be built within that directory due to changes necessary for the build causing Git to be dirty, which # subsequently causes gorleaser to refuse running. - mkdir -p caddy-build - cp cmd/caddy/main.go caddy-build/main.go - /bin/sh -c 'cd ./caddy-build && go mod init caddy' # GoReleaser doesn't seem to offer {{.Tag}} at this stage, so we have to embed it into the env # so we run: TAG=$(git describe --abbrev=0) goreleaser release --rm-dist --skip-publish --skip-validate - go mod edit -require=github.com/caddyserver/caddy/v2@{{.Env.TAG}} ./caddy-build/go.mod # as of Go 1.16, `go` commands no longer automatically change go.{mod,sum}. We now have to explicitly # run `go mod tidy`. The `/bin/sh -c '...'` is because goreleaser can't find cd in PATH without shell invocation. - /bin/sh -c 'cd ./caddy-build && go mod tidy' - git clone --depth 1 https://github.com/caddyserver/dist caddy-dist - mkdir -p caddy-dist/man - go mod download - go run cmd/caddy/main.go manpage --directory ./caddy-dist/man - gzip -r ./caddy-dist/man/ - /bin/sh -c 'go run cmd/caddy/main.go completion bash > ./caddy-dist/scripts/bash-completion' builds: - env: - CGO_ENABLED=0 - GO111MODULE=on main: main.go dir: ./caddy-build binary: caddy goos: - darwin - linux - windows - freebsd goarch: - amd64 - arm - arm64 - s390x - ppc64le goarm: - "5" - "6" - "7" ignore: - goos: darwin goarch: arm - goos: darwin goarch: ppc64le - goos: darwin goarch: s390x - goos: windows goarch: ppc64le - goos: windows goarch: s390x - goos: freebsd goarch: ppc64le - goos: freebsd goarch: s390x - goos: freebsd goarch: arm goarm: "5" flags: - -trimpath - -mod=readonly ldflags: - -s -w signs: - cmd: cosign signature: "${artifact}.sig" certificate: '{{ trimsuffix (trimsuffix .Env.artifact ".zip") ".tar.gz" }}.pem' args: ["sign-blob", "--output-signature=${signature}", "--output-certificate", "${certificate}", "${artifact}"] artifacts: all sboms: - artifacts: binary documents: - '{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}{{if .Arm}}v{{ .Arm }}{{end}}.sbom' cmd: syft args: ["$artifact", "--file", "${document}", "--output", "cyclonedx-json"] archives: - format_overrides: - goos: windows format: zip replacements: darwin: mac checksum: algorithm: sha512 nfpms: - id: default package_name: caddy vendor: Dyanim homepage: https://caddyserver.com maintainer: Matthew Holt description: | Caddy - Powerful, enterprise-ready, open source web server with automatic HTTPS written in Go license: Apache 2.0 formats: - deb # - rpm bindir: /usr/bin contents: - src: ./caddy-dist/init/caddy.service dst: /lib/systemd/system/caddy.service - src: ./caddy-dist/init/caddy-api.service dst: /lib/systemd/system/caddy-api.service - src: ./caddy-dist/welcome/index.html dst: /usr/share/caddy/index.html - src: ./caddy-dist/scripts/bash-completion dst: /etc/bash_completion.d/caddy - src: ./caddy-dist/config/Caddyfile dst: /etc/caddy/Caddyfile type: config - src: ./caddy-dist/man/* dst: /usr/share/man/man8/ scripts: postinstall: ./caddy-dist/scripts/postinstall.sh preremove: ./caddy-dist/scripts/preremove.sh postremove: ./caddy-dist/scripts/postremove.sh release: github: owner: caddyserver name: caddy draft: true prerelease: auto changelog: sort: asc filters: exclude: - '^chore:' - '^ci:' - '^docs?:' - '^readme:' - '^tests?:' - '^\w+\s+' # a hack to remove commit messages without colons thus don't correspond to a package