# .goreleaser.yml
version: 2
project_name: CBZOptimizer
release:
  github:
    owner: belphemur
    name: CBZOptimizer
changelog:
  sort: asc
  filters:
    exclude:
      - '^docs:'
      - '^test:'
      - '^chore:'
  groups:
    - title: Features
      regexp: '^.*?feat(\([[:word:]]+\))??!?:.+$'
      order: 0
    - title: "Bug fixes"
      regexp: '^.*?fix(\([[:word:]]+\))??!?:.+$'
      order: 1
    - title: "Performance"
      regexp: '^.*?perf(\([[:word:]]+\))??!?:.+$'
      order: 2
builds:
  - id: cbzoptimizer
    main: main.go
    goos:
      - linux
    goarch:
      - amd64
      - arm64
    # ensures mod timestamp to be the commit timestamp
    mod_timestamp: "{{ .CommitTimestamp }}"
    flags:
      # trims path
      - -trimpath
    ldflags:
      - -s -w -X meta.Version={{.Version}} -X meta.Commit={{.Commit}} -X meta.Date={{ .CommitDate }}
    env:
      - CGO_ENABLED=0
# config the checksum filename
# https://goreleaser.com/customization/checksum
checksum:
  name_template: "checksums.txt"
# create a source tarball
# https://goreleaser.com/customization/source/
source:
  enabled: true
# proxies from the go mod proxy before building
# https://goreleaser.com/customization/gomod
gomod:
  proxy: true
# creates SBOMs of all archives and the source tarball using syft
# https://goreleaser.com/customization/sbom
sboms:
  - artifacts: archive
  - id: source # Two different sbom configurations need two different IDs
    artifacts: source
# create a docker image
# https://goreleaser.com/customization/docker
dockers:
  - image_templates:
      - "ghcr.io/belphemur/cbzoptimizer:latest"
      - "ghcr.io/belphemur/cbzoptimizer:{{ .Version }}"
    dockerfile: Dockerfile
    build_flag_templates:
      - "--pull"
      - "--label=org.opencontainers.image.created={{.Date}}"
      - "--label=org.opencontainers.image.name={{.ProjectName}}"
      - "--label=org.opencontainers.image.revision={{.FullCommit}}"
      - "--label=org.opencontainers.image.version={{.Version}}"
      - "--label=org.opencontainers.image.source={{.GitURL}}"
# signs the checksum file
# all files (including the sboms) are included in the checksum, so we don't need to sign each one if we don't want to
# https://goreleaser.com/customization/sign
signs:
  - cmd: cosign
    env:
      - COSIGN_EXPERIMENTAL=1
    certificate: "${artifact}.pem"
    args:
      - sign-blob
      - "--output-certificate=${certificate}"
      - "--output-signature=${signature}"
      - "${artifact}"
      - "--yes" # needed on cosign 2.0.0+
    artifacts: checksum
    output: true
# signs our docker image
# https://goreleaser.com/customization/docker_sign
docker_signs:
  - cmd: cosign
    env:
      - COSIGN_EXPERIMENTAL=1
    artifacts: images
    output: true
    args:
      - "sign"
      - "${artifact}"
      - "--yes" # needed on cosign 2.0.0+