-
Notifications
You must be signed in to change notification settings - Fork 691
/
.goreleaser.yml
131 lines (107 loc) · 3.32 KB
/
.goreleaser.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
project_name: sealed-secrets
env:
- CGO_ENABLED=0
builds:
- binary: controller
id: controller
main: ./cmd/controller
ldflags:
- -X main.VERSION={{ .Version }}
targets:
- darwin_amd64
- darwin_arm64
- linux_amd64
- linux_arm64
- linux_arm
- windows_amd64
- binary: kubeseal
id: kubeseal
main: ./cmd/kubeseal
ldflags:
- -X main.VERSION={{ .Version }}
targets:
- darwin_amd64
- darwin_arm64
- linux_amd64
- linux_arm64
- linux_arm
- windows_amd64
archives:
- builds:
- kubeseal
name_template: "kubeseal-{{ .Version }}-{{ .Os }}-{{ .Arch }}"
checksum:
algorithm: sha256
changelog:
sort: asc
filters:
exclude:
- '^docs:'
- '^helm:'
- '^integration:'
- '^vendor_jsonnet:'
signs:
- cmd: cosign
stdin: '{{ .Env.COSIGN_PASSWORD }}'
output: true
artifacts: all
args:
- 'sign-blob'
- '--key=/tmp/cosign.key'
- '--output-signature=${signature}'
- '--yes'
- '${artifact}'
release:
name_template: "{{ .ProjectName }}-v{{ .Version }}"
header: |
## v{{ .Version }} ({{ .Date }})
New v{{ .Version }} release!
footer: |
## Installation Instructions
### Cluster-side
Install the SealedSecret CRD and server-side controller into the `kube-system` namespace:
```sh
kubectl apply -f https://github.com/bitnami-labs/sealed-secrets/releases/download/v{{ .Version }}/controller.yaml
```
### Client-side
Install the client-side tool into `/usr/local/bin/`:
**Linux x86_64:**
```sh
curl -OL "https://github.com/bitnami-labs/sealed-secrets/releases/download/v{{ .Version }}/kubeseal-{{ .Version }}-linux-amd64.tar.gz"
tar -xvzf kubeseal-{{ .Version }}-linux-amd64.tar.gz kubeseal
sudo install -m 755 kubeseal /usr/local/bin/kubeseal
```
**macOS:**
The `kubeseal` client is available on [homebrew](https://formulae.brew.sh/formula/kubeseal):
```sh
brew install kubeseal
```
**MacPorts:**
The `kubeseal` client is available on [MacPorts](https://ports.macports.org/port/kubeseal/summary):
```sh
port install kubeseal
```
#### Nixpkgs
The `kubeseal` client is available on [Nixpkgs](https://search.nixos.org/packages?channel=unstable&show=kubeseal&from=0&size=50&sort=relevance&type=packages&query=kubeseal): (**DISCLAIMER**: Not maintained by bitnami-labs)
```sh
nix-env -iA nixpkgs.kubeseal
```
**Other OS/Arch:**
Binaries for other OS/arch combinations are attached to this release below.
If you just want the latest client tool, it can be installed into
`$GOPATH/bin` with:
```sh
go install github.com/bitnami-labs/sealed-secrets/cmd/kubeseal@main
```
You can specify a release tag or a commit SHA instead of `main`.
The `go install` command will place the `kubeseal` binary at `$GOPATH/bin`:
```sh
$(go env GOPATH)/bin/kubeseal
```
## Release Notes
Please read the [RELEASE_NOTES](https://github.com/bitnami-labs/sealed-secrets/blob/main/RELEASE-NOTES.md) which contain among other things important information for those upgrading from previous releases.
## Thanks!
extra_files:
- glob: ./controller.yaml
- glob: ./controller-norbac.yaml
- glob: ./.github/workflows/cosign.pub