From 28d1410d625dcd91149a9e0cdc2f864c7c08f2fe Mon Sep 17 00:00:00 2001 From: d3m0k1d Date: Fri, 16 Jan 2026 00:53:20 +0300 Subject: [PATCH] chore: upd gitignore add goreleaser and openrc script --- .gitea/workflows/CD.yml | 76 +++++++++++++++------------------------ .gitignore | 1 + .goreleaser.yml | 80 +++++++++++++++++++++++++++++++++++++++++ build/banforge | 21 +++++++++++ 4 files changed, 130 insertions(+), 48 deletions(-) create mode 100644 .goreleaser.yml create mode 100644 build/banforge diff --git a/.gitea/workflows/CD.yml b/.gitea/workflows/CD.yml index a0bb703..75f29ab 100644 --- a/.gitea/workflows/CD.yml +++ b/.gitea/workflows/CD.yml @@ -13,55 +13,35 @@ jobs: release: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 - - name: Create Release - env: - TOKEN: ${{ secrets.TOKEN }} - run: | - TAG="${{ gitea.ref_name }}" - REPO="${{ gitea.repository }}" - SERVER="${{ gitea.server_url }}" - curl -X POST \ - -H "Authorization: token $TOKEN" \ - -H "Content-Type: application/json" \ - -d '{ - "tag_name": "'$TAG'", - "name": "Release '$TAG'", - "body": "# BanForge '$TAG'\n\nIntrusion Prevention System", - "draft": false, - "prerelease": false - }' \ - "$SERVER/api/v1/repos/$REPO/releases" - - build: - needs: release - strategy: - matrix: - include: - - goos: linux - arch: amd64 - - goos: linux - arch: arm64 - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v6 - - uses: actions/setup-go@v6 + - name: Install Gpg + run: apt-get update && apt-get install -y gnupg curl + - name: Install syft + run: curl -sSfL https://get.anchore.io/syft | sudo sh -s -- -b /usr/local/bin + - name: Checkout + uses: actions/checkout@v6 + - name: Go setup + uses: actions/setup-go@v6 with: go-version: '1.25' cache: false - - run: go mod tidy - - run: go test ./... - - name: Build ${{ matrix.goos }}-${{ matrix.arch }} + - name: Install deps + run: go mod tidy + - name: Golangci-lint + uses: golangci/golangci-lint-action@v9.2.0 + with: + args: --timeout=5m + skip-cache: true + - name: Run tests + run: go test ./... + - name: GoReleaser + uses: goreleaser/goreleaser-action@v6 + with: + distribution: goreleaser + version: latest + args: release --clean env: - GOOS: ${{ matrix.goos }} - GOARCH: ${{ matrix.arch }} - run: go build -o banforge-${{ matrix.goos }}-${{ matrix.arch }} ./cmd/banforge - - name: Upload ${{ matrix.goos }}-${{ matrix.arch }} - env: - TOKEN: ${{ secrets.TOKEN }} - run: | - TAG="${{ gitea.ref_name }}" - FILE="banforge-${{ matrix.goos }}-${{ matrix.arch }}" - curl --user d3m0k1d:$TOKEN \ - --upload-file $FILE \ - https://gitea.d3m0k1d.ru/api/packages/d3m0k1d/generic/banforge/$TAG/$FILE + GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }} + GPG_PASSWORD: ${{ secrets.GPG_PASSWORD }} + GITEA_TOKEN: ${{ secrets.TOKEN }} + + diff --git a/.gitignore b/.gitignore index e660fd9..a5d8f72 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ bin/ +dist/ diff --git a/.goreleaser.yml b/.goreleaser.yml new file mode 100644 index 0000000..f2f127a --- /dev/null +++ b/.goreleaser.yml @@ -0,0 +1,80 @@ +# yaml-language-server: $schema=https://goreleaser.com/static/schema.json +version: 2 +project_name: BanForge + +builds: + - id: banforge + main: ./cmd/banforge/main.go + binary: banforge-{{ .Version }}-{{ .Os }}-{{ .Arch }} + ignore: + - goos: windows + - goos: darwin + - goos: freebsd + goos: + - linux + goarch: + - amd64 + - arm64 + env: + - CGO_ENABLED=0 + ldflags: + - "-s -w" +archives: + - format: tar.gz + name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}" + +nfpms: + - id: banforge + package_name: banforge + file_name_template: "{{ .PackageName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}" + homepage: https://gitea.d3m0k1d.ru/d3m0k1d/BanForge + description: BanForge IPS log-based system + maintainer: d3m0k1d + license: GPLv3.0 + formats: + - apk + - deb + - rpm + - archlinux + bindir: /usr/bin + +release: + gitea: + owner: d3m0k1d + name: BanForge + mode: keep-existing + +changelog: + sort: asc + filters: + exclude: + - "^docs:" + - "^test:" + +checksum: + name_template: "{{ .ProjectName }}_{{ .Version }}_checksums.txt" + algorithm: sha256 + +signs: + - cmd: gpg + args: + - "--batch" + - "--no-tty" + - "--pinentry-mode" + - "loopback" + - "-u" + - "{{ .Env.GPG_FINGERPRINT }}" + - "--output" + - "${signature}" + - "--detach-sign" + - "${artifact}" + stdin: "{{ .Env.GPG_PASSWORD }}" + artifacts: checksum + +sboms: + - artifacts: archive + documents: + - "{{ .ArtifactName }}.spdx.json" + cmd: syft + args: ["$artifact", "--output", "spdx-json=$document"] + diff --git a/build/banforge b/build/banforge new file mode 100644 index 0000000..a156c88 --- /dev/null +++ b/build/banforge @@ -0,0 +1,21 @@ +#!/sbin/openrc-run + +description="BanForge - IPS log based system" +command="/usr/bin/banforge" +command_args="daemon" + +pidfile="/run/${RC_SVCNAME}.pid" +command_background="yes" + +depend() { + need net + after network +} + +start_post() { + einfo "BanForge is now running" +} + +stop_post() { + einfo "BanForge is now stopped" +}