This document is intended for maintainers only.
- Install GoReleaser or use it as curl bash piping:
$ brew install goreleaser/tap/goreleaser $ goreleaser -v
$ curl -sL https://git.io/goreleaser | bash -s -- -v
- Fork and clone this repository and then add the
upstream
remote repository:$ git remote -v origin git@github.com:<YOUR_GITHUB_USERNAME>/harbor-scanner-trivy.git (fetch) origin git@github.com:<YOUR_GITHUB_USERNAME>/harbor-scanner-trivy.git (push) upstream git@github.com:aquasecurity/harbor-scanner-trivy.git (fetch) upstream git@github.com:aquasecurity/harbor-scanner-trivy.git (push)
- Docker client connected to a Docker host:
$ docker info
GoReleaser requires the following environment variables to be set.
Environment Variable | Description |
---|---|
GITHUB_TOKEN |
GitHub API token with the repo scope to deploy the artifacts to GitHub |
DOCKERHUB_USER |
DockerHub username |
DOCKERHUB_TOKEN |
DockerHub access token to push images |
These can be stored as secrets in GitHub repository settings.
- Make sure that your fork's
main
branch is up to date withupstream/main
and your working tree is clean. - Run unit tests and make sure that they're passing:
$ make test
- Perform a dry run to test everything before doing a release for real. Notice the
--skip-publish
flag, which instructs GoReleaser to only build and package things:$ goreleaser --snapshot --skip-publish --rm-dist
- Make sure that the Docker image was built successfully:
where
$ docker image inspect "docker.io/aquasec/harbor-scanner-trivy:$CURRENT_VERSION-next"
CURRENT_VERSION
corresponds to the latest release tag, e.g.v0.1.0
or equalsv0.0.0
if you're releasing for the first time. - You can even try running the container to be more confident with new release:
$ docker container run --rm -p 8080:8080 "docker.io/aquasec/harbor-scanner-trivy:$CURRENT_VERSION-next"
- If everything is fine so far create an annotated git tag and push it to the
upstream
repository to actually trigger the release build:where$ git tag -a $NEW_VERSION -m "Release $NEW_VERSION" $ git push upstream $NEW_VERSION
NEW_VERSION
adheres to semantic versioning, e.g.v0.2.0
. - Check that Travis CI scheduled a build job that corresponds to
NEW_VERSION
. Make sure that the job exited with 0 status code.
- Make sure that GoReleaser uploaded artifacts to GitHub releases page.
- Make sure that GoReleaser pushed new tag
NEW_VERSION
to Docker Hub repository.