---
project_name: gosec

release:
  extra_files:
    - glob: ./bom.json
  github:
    owner: securego
    name: gosec

builds:
  - main: ./cmd/gosec/
    binary: gosec
    goos:
      - darwin
      - linux
      - windows
    goarch:
      - amd64
      - arm64
      - s390x
    ldflags: -X main.Version={{.Version}} -X main.GitTag={{.Tag}} -X main.BuildDate={{.Date}}
    env:
      - CGO_ENABLED=0

signs:
- cmd: cosign
  stdin: '{{ .Env.COSIGN_PASSWORD}}'
  args: ["sign-blob", "--key=/tmp/cosign.key", "--output=${signature}", "${artifact}"]
  artifacts: all