diff --git a/.circleci/config.yml b/.circleci/config.yml index 6a0e0ebc..8a965894 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -14,8 +14,6 @@ commands: description: Installs dependencies for CI scripts steps: - run: apk update - # gettext provides envsubst - - run: apk add gettext # Register other docker platforms, to build arm64. # This shouldn't be needed, why TBD. - run: docker run --privileged --rm tonistiigi/binfmt --install all diff --git a/.gitignore b/.gitignore index 252997c0..273246ec 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,3 @@ -# goreleaser is run via a wrapper that creates .goreleaser.yml from .goreleaser.yml.envsubst -.goreleaser.yml # dist # # Binaries for programs and plugins .go-version diff --git a/.goreleaser.yml.envsubst b/.goreleaser.yml similarity index 76% rename from .goreleaser.yml.envsubst rename to .goreleaser.yml index e8bbe5df..11f8b161 100644 --- a/.goreleaser.yml.envsubst +++ b/.goreleaser.yml @@ -28,9 +28,9 @@ builds: - arm - arm64 goarm: - - 6 - - 7 - # Go does not support windows/arm (32-bit); only windows/arm64 is supported. + - "6" + - "7" + # Go does not support windows/arm (32-bit); only windows/arm64 is supported. ignore: - goos: windows goarch: arm @@ -43,8 +43,8 @@ signs: args: ["sign-blob", "--key=hashivault://cosign", "-output-signature=${signature}", "${artifact}"] artifacts: checksum release: - # This is replaced using `envsubst`, depending on the git branch. - disable: ${skip_release} + # Branch/PR builds set GORELEASER_SKIP_RELEASE=true; tag builds set false. + disable: '{{ eq .Env.GORELEASER_SKIP_RELEASE "true" }}' prerelease: auto footer: | You can verify the signature of the checksums.txt file using [cosign](https://github.com/sigstore/cosign). @@ -54,8 +54,7 @@ release: ``` brews: - name: polaris - # This is replaced using `envsubst`, depending on the git branch. - skip_upload: ${skip_release} + skip_upload: '{{ eq .Env.GORELEASER_SKIP_RELEASE "true" }}' repository: owner: FairwindsOps name: homebrew-tap @@ -80,39 +79,35 @@ dockers: build_flag_templates: - "--platform=linux/arm64" docker_manifests: -# Create DOcker manifests that make multiple architectures available within a tag, +# Create Docker manifests that make multiple architectures available within a tag, # and provide partial-version tags like 2, and 2.2. - name_template: quay.io/fairwinds/polaris:{{ .FullCommit }} image_templates: - "quay.io/fairwinds/polaris:{{ .FullCommit }}-amd64" - "quay.io/fairwinds/polaris:{{ .FullCommit }}-arm64" -- name_template: quay.io/fairwinds/polaris:{{ .Env.feature_docker_tag }} - # This is replaced using `envsubst`, depending on the git branch. - skip_push: ${skip_feature_docker_tags} +- name_template: 'quay.io/fairwinds/polaris:{{ envOrDefault "FEATURE_DOCKER_TAG" "none" }}' + # Tag builds set GORELEASER_SKIP_FEATURE_DOCKER_TAGS=true; feature branches set false. + skip_push: '{{ eq .Env.GORELEASER_SKIP_FEATURE_DOCKER_TAGS "true" }}' image_templates: - "quay.io/fairwinds/polaris:{{ .FullCommit }}-amd64" - "quay.io/fairwinds/polaris:{{ .FullCommit }}-arm64" - name_template: quay.io/fairwinds/polaris:latest - # This is replaced using `envsubst`, depending on the git branch. - skip_push: ${skip_release} + skip_push: '{{ eq .Env.GORELEASER_SKIP_RELEASE "true" }}' image_templates: - "quay.io/fairwinds/polaris:{{ .FullCommit }}-amd64" - "quay.io/fairwinds/polaris:{{ .FullCommit }}-arm64" - name_template: quay.io/fairwinds/polaris:{{ .Tag }} - # This is replaced using `envsubst`, depending on the git branch. - skip_push: ${skip_release} + skip_push: '{{ eq .Env.GORELEASER_SKIP_RELEASE "true" }}' image_templates: - "quay.io/fairwinds/polaris:{{ .FullCommit }}-amd64" - "quay.io/fairwinds/polaris:{{ .FullCommit }}-arm64" - name_template: quay.io/fairwinds/polaris:{{ .Major }} - # This is replaced using `envsubst`, depending on the git branch. - skip_push: ${skip_release} + skip_push: '{{ eq .Env.GORELEASER_SKIP_RELEASE "true" }}' image_templates: - "quay.io/fairwinds/polaris:{{ .FullCommit }}-amd64" - "quay.io/fairwinds/polaris:{{ .FullCommit }}-arm64" - name_template: quay.io/fairwinds/polaris:{{ .Major }}.{{ .Minor }} - # This is replaced using `envsubst`, depending on the git branch. - skip_push: ${skip_release} + skip_push: '{{ eq .Env.GORELEASER_SKIP_RELEASE "true" }}' image_templates: - "quay.io/fairwinds/polaris:{{ .FullCommit }}-amd64" - "quay.io/fairwinds/polaris:{{ .FullCommit }}-arm64" diff --git a/scripts/goreleaser.sh b/scripts/goreleaser.sh index 0d03fb1b..078b0eaa 100755 --- a/scripts/goreleaser.sh +++ b/scripts/goreleaser.sh @@ -1,8 +1,8 @@ #!/usr/bin/env sh -# Wrap goreleaser by using envsubst on .goreleaser.yml, -# and creating a temporary git tag. +# Wrap goreleaser with branch/tag-specific env (see .goreleaser.yml templates) +# and, on non-tag CI runs, a temporary git tag. -function cleanup { +cleanup() { if [ "${CIRCLE_TAG}" == "" ] ; then echo "${this_script} deleting git tag ${temporary_git_tag} for goreleaser" unset GORELEASER_CURRENT_TAG @@ -13,15 +13,14 @@ function cleanup { set -eE # errexit and errtrace trap 'cleanup' ERR this_script="$(basename $0)" -hash envsubst hash goreleaser if [ "${TMPDIR}" == "" ] ; then export TMPDIR="/tmp" echo "${this_script} temporarily set the TMPDIR environment variable to ${TMPDIR}, used for a temporary GOBIN environment variable" fi -export skip_feature_docker_tags=false -export skip_release=true +export GORELEASER_SKIP_FEATURE_DOCKER_TAGS=false +export GORELEASER_SKIP_RELEASE=true if [ "${CIRCLE_TAG}" == "" ] ; then # Create a temporary tag for goreleaser, incrementing the last tag. last_git_tag="$(git describe --tags --abbrev=0 2>/dev/null)" @@ -41,23 +40,16 @@ if [ "${CIRCLE_TAG}" == "" ] ; then # The -f is included to overwrite existing tags, perhaps from previous CI jobs. git tag -f -m "temporary local tag for goreleaser" ${temporary_git_tag} export GORELEASER_CURRENT_TAG=${temporary_git_tag} - # Use an adjusted git feature branch name as a docker tag. - export feature_docker_tag=$(echo "${CIRCLE_BRANCH:0:26}" | sed 's/[^a-zA-Z0-9]/-/g' | sed 's/-\+$//') - echo "${this_script} also using docker tag ${feature_docker_tag} since ${CIRCLE_BRANCH} is a feature branch" + # Use an adjusted git feature branch name as a docker tag; export so goreleaser receives .Env.FEATURE_DOCKER_TAG. + export FEATURE_DOCKER_TAG=$(echo "${CIRCLE_BRANCH:0:26}" | sed 's/[^a-zA-Z0-9]/-/g' | sed 's/-\+$//') + echo "${this_script} also using docker tag ${FEATURE_DOCKER_TAG} since ${CIRCLE_BRANCH} is a feature branch" else export GORELEASER_CURRENT_TAG=${CIRCLE_TAG} - echo "${this_script} setting skip_release to false, and skip_feature_docker_tags to true, because CIRCLE_TAG is set" - export skip_feature_docker_tags=true - export skip_release=false + echo "${this_script} setting GORELEASER_SKIP_RELEASE to false, and GORELEASER_SKIP_FEATURE_DOCKER_TAGS to true, because CIRCLE_TAG is set" + export GORELEASER_SKIP_FEATURE_DOCKER_TAGS=true + export GORELEASER_SKIP_RELEASE=false fi echo "${this_script} using git tag ${GORELEASER_CURRENT_TAG}" -# Only substitute specific variables, as goreleaser uses shell variable syntax -# for its `signs` section `signature` and `artifact` variables. -cat .goreleaser.yml.envsubst |envsubst '${skip_release} ${skip_feature_docker_tags} ${feature_docker_tag}' >.goreleaser.yml -goreleaser --skip=sign $@ -if [ $? -eq 0 ] ; then - echo "${this_script} removing the temporary .goreleaser.yml since goreleaser was successful" - rm .goreleaser.yml # Keep git clean for additional goreleaser runs -fi +goreleaser --skip=sign "$@" cleanup