chore: upd gitignore add goreleaser and openrc script

2026-01-16 00:53:20 +03:00
parent 680973df3d
commit 28d1410d62
4 changed files with 130 additions and 48 deletions
--- a/.gitea/workflows/CD.yml
+++ b/.gitea/workflows/CD.yml
@@ -13,55 +13,35 @@ jobs:
  release:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v6
-      - name: Create Release
-        env:
-          TOKEN: ${{ secrets.TOKEN }}
-        run: |
-          TAG="${{ gitea.ref_name }}"
-          REPO="${{ gitea.repository }}"
-          SERVER="${{ gitea.server_url }}"
-          curl -X POST \
-            -H "Authorization: token $TOKEN" \
-            -H "Content-Type: application/json" \
-            -d '{
-              "tag_name": "'$TAG'",
-              "name": "Release '$TAG'",
-              "body": "# BanForge '$TAG'\n\nIntrusion Prevention System",
-              "draft": false,
-              "prerelease": false
-            }' \
-            "$SERVER/api/v1/repos/$REPO/releases"
-
-  build:
-    needs: release
-    strategy:
-      matrix:
-        include:
-          - goos: linux
-            arch: amd64
-          - goos: linux
-            arch: arm64
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v6
-      - uses: actions/setup-go@v6
+      - name: Install Gpg
+        run: apt-get update && apt-get install -y gnupg curl
+      - name: Install syft
+        run: curl -sSfL https://get.anchore.io/syft | sudo sh -s -- -b /usr/local/bin
+      - name: Checkout
+        uses: actions/checkout@v6
+      - name: Go setup
+        uses: actions/setup-go@v6
        with:
          go-version: '1.25'
          cache: false
-      - run: go mod tidy
-      - run: go test ./...
-      - name: Build ${{ matrix.goos }}-${{ matrix.arch }}
+      - name: Install deps
+        run: go mod tidy
+      - name: Golangci-lint
+        uses: golangci/golangci-lint-action@v9.2.0
+        with:
+          args: --timeout=5m
+          skip-cache: true
+      - name: Run tests
+        run: go test ./...
+      - name: GoReleaser
+        uses: goreleaser/goreleaser-action@v6 
+        with:
+          distribution: goreleaser
+          version: latest
+          args: release --clean
        env:
-          GOOS: ${{ matrix.goos }}
-          GOARCH: ${{ matrix.arch }}
-        run: go build -o banforge-${{ matrix.goos }}-${{ matrix.arch }} ./cmd/banforge
-      - name: Upload ${{ matrix.goos }}-${{ matrix.arch }}
-        env:
-          TOKEN: ${{ secrets.TOKEN }}
-        run: |
-          TAG="${{ gitea.ref_name }}"
-          FILE="banforge-${{ matrix.goos }}-${{ matrix.arch }}"
-          curl --user d3m0k1d:$TOKEN \
-            --upload-file $FILE \
-            https://gitea.d3m0k1d.ru/api/packages/d3m0k1d/generic/banforge/$TAG/$FILE
+          GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }}
+          GPG_PASSWORD: ${{ secrets.GPG_PASSWORD }}
+          GITEA_TOKEN: ${{ secrets.TOKEN }}
+
+
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 bin/
+dist/
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -0,0 +1,80 @@
+# yaml-language-server: $schema=https://goreleaser.com/static/schema.json
+version: 2
+project_name: BanForge
+
+builds:
+  - id: banforge
+    main: ./cmd/banforge/main.go
+    binary: banforge-{{ .Version }}-{{ .Os }}-{{ .Arch }}
+    ignore:
+      - goos: windows
+      - goos: darwin
+      - goos: freebsd
+    goos:
+      - linux
+    goarch:
+      - amd64
+      - arm64
+    env:
+      - CGO_ENABLED=0
+    ldflags:
+      - "-s -w" 
+archives:
+  - format: tar.gz
+    name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
+
+nfpms:
+  - id: banforge
+    package_name: banforge
+    file_name_template: "{{ .PackageName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
+    homepage: https://gitea.d3m0k1d.ru/d3m0k1d/BanForge
+    description: BanForge IPS log-based system
+    maintainer: d3m0k1d <contact@d3m0k1d.ru>
+    license: GPLv3.0
+    formats:
+      - apk
+      - deb
+      - rpm
+      - archlinux
+    bindir: /usr/bin
+
+release: 
+  gitea:
+    owner: d3m0k1d
+    name: BanForge
+  mode: keep-existing
+
+changelog:
+  sort: asc
+  filters:
+    exclude:
+      - "^docs:"
+      - "^test:"
+
+checksum:
+  name_template: "{{ .ProjectName }}_{{ .Version }}_checksums.txt"
+  algorithm: sha256
+
+signs:
+  - cmd: gpg
+    args:
+      - "--batch"
+      - "--no-tty"
+      - "--pinentry-mode"
+      - "loopback"
+      - "-u"
+      - "{{ .Env.GPG_FINGERPRINT }}"
+      - "--output"
+      - "${signature}"
+      - "--detach-sign"
+      - "${artifact}"
+    stdin: "{{ .Env.GPG_PASSWORD }}"
+    artifacts: checksum
+
+sboms:
+  - artifacts: archive
+    documents:
+      - "{{ .ArtifactName }}.spdx.json"
+    cmd: syft
+    args: ["$artifact", "--output", "spdx-json=$document"]
+
--- a/build/banforge
+++ b/build/banforge
@@ -0,0 +1,21 @@
+#!/sbin/openrc-run
+
+description="BanForge - IPS log based system"
+command="/usr/bin/banforge"
+command_args="daemon"
+
+pidfile="/run/${RC_SVCNAME}.pid"
+command_background="yes"
+
+depend() {
+  need net
+  after network
+}
+
+start_post() {
+  einfo "BanForge is now running"
+}
+
+stop_post() {
+  einfo "BanForge is now stopped"
+}