Install¶
There are two GoReleaser distributions: OSS and Pro.
You can install the pre-compiled binary (in several ways), use Docker or compile from source (when on OSS).
Below you can find the steps for each of them.
Install the pre-compiled binary¶
homebrew tap¶
brew install goreleaser/tap/goreleaser
brew install goreleaser/tap/goreleaser-pro
homebrew¶
brew install goreleaser
Info
The formula in homebrew-core might be slightly outdated. Use our homebrew tap to always get the latest updates.
snapcraft¶
sudo snap install --classic goreleaser
scoop¶
scoop bucket add goreleaser https://github.com/goreleaser/scoop-bucket.git
scoop install goreleaser
scoop bucket add goreleaser https://github.com/goreleaser/scoop-bucket.git
scoop install goreleaser-pro
apt¶
echo 'deb [trusted=yes] https://repo.goreleaser.com/apt/ /' | sudo tee /etc/apt/sources.list.d/goreleaser.list
sudo apt update
sudo apt install goreleaser
echo 'deb [trusted=yes] https://repo.goreleaser.com/apt/ /' | sudo tee /etc/apt/sources.list.d/goreleaser.list
sudo apt update
sudo apt install goreleaser-pro
yum¶
echo '[goreleaser]
name=GoReleaser
baseurl=https://repo.goreleaser.com/yum/
enabled=1
gpgcheck=0' | sudo tee /etc/yum.repos.d/goreleaser.repo
sudo yum install goreleaser
echo '[goreleaser]
name=GoReleaser
baseurl=https://repo.goreleaser.com/yum/
enabled=1
gpgcheck=0' | sudo tee /etc/yum.repos.d/goreleaser.repo
sudo yum install goreleaser-pro
aur¶
yay -S goreleaser-bin
yay -S goreleaser-pro-bin
nix¶
nixpkgs¶
nix-env -iA goreleaser
Info
The package in nixpkgs might be slightly outdated, as it is not updated automatically. Use our NUR to always get the latest updates.
nur¶
First, you'll need to add our NUR to your nix configuration. You can follow the guides here.
Once you do that, you can install the packages.
{ pkgs, lib, ... }: {
home.packages = with pkgs; [
nur.repos.goreleaser.goreleaser
];
}
{ pkgs, lib, ... }: {
home.packages = with pkgs; [
nur.repos.goreleaser.goreleaser-pro
];
}
deb, rpm and apk packages¶
Download the .deb, .rpm or .apk packages from the OSS releases page and install them with the appropriate tools.
Download the .deb, .rpm or .apk packages from the Pro releases page and install them with the appropriate tools.
go install¶
go install github.com/goreleaser/goreleaser@latest
Requires Go 1.22.
bash script¶
curl -sfL https://goreleaser.com/static/run | bash
curl -sfL https://goreleaser.com/static/run | DISTRIBUTION=pro bash
You can also set the VERSION and DISTRIBUTION variables to specify a version instead of using latest and pro or oss distributions, respectively.
You can also pass flags and args to GoReleaser:
curl -sfL https://goreleaser.com/static/run |
VERSION=v1.25.1 DISTRIBUTION=oss bash -s -- check
curl -sfL https://goreleaser.com/static/run |
VERSION=v1.25.1 DISTRIBUTION=pro bash -s -- check
Tip
This script does not install anything, it just downloads, verifies and runs GoReleaser. Its purpose is to be used within scripts and CIs.
manually¶
Download the pre-compiled binaries from the OSS releases page and copy them to the desired location.
Download the pre-compiled binaries from the Pro releases page and copy them to the desired location.
nightly¶
Nightly build are pre-releases of the current code into the main branch. Use it for testing out new features only.
manually¶
Download the pre-compiled binaries from the nightly release and copy them to the desired location.
Download the pre-compiled binaries from the nightly release and copy them to the desired location.
bash script¶
curl -sfL https://goreleaser.com/static/run |
VERSION=nightly DISTRIBUTION=oss bash -s -- release --clean
curl -sfL https://goreleaser.com/static/run |
VERSION=nightly DISTRIBUTION=pro bash -s -- release --clean
docker¶
Docker images are also available, look for tags with a -nightly suffix for the last nightly of a specific release, or the :nightly tag, which is always the latest nightly build available.
Registries:
Verifying the artifacts¶
binaries¶
All artifacts are checksummed, and the checksum file is signed with cosign.
- Download the files you want, and the
checksums.txt,checksum.txt.pemandchecksums.txt.sigfiles from the releases page:wget 'https://github.com/goreleaser/goreleaser/releases/download/v1.25.1/checksums.txt' - Verify the signature:
cosign verify-blob \ --certificate-identity 'https://github.com/goreleaser/goreleaser/.github/workflows/release.yml@refs/tags/v1.25.1' \ --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \ --cert 'https://github.com/goreleaser/goreleaser/releases/download/v1.25.1/checksums.txt.pem' \ --signature 'https://github.com/goreleaser/goreleaser/releases/download/v1.25.1/checksums.txt.sig' \ ./checksums.txt - If the signature is valid, you can then verify the SHA256 sums match with the downloaded binary:
sha256sum --ignore-missing -c checksums.txt
- Download the files you want, and the
checksums.txt,checksum.txt.pemandchecksums.txt.sigfiles from the releases page:wget 'https://github.com/goreleaser/goreleaser-pro/releases/download/v1.25.1-pro/checksums.txt' - Verify the signature:
cosign verify-blob \ --certificate-identity 'https://github.com/goreleaser/goreleaser-pro-internal/.github/workflows/release-pro.yml@refs/tags/v1.25.1-pro' \ --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \ --cert 'https://github.com/goreleaser/goreleaser-pro/releases/download/v1.25.1-pro/checksums.txt.pem' \ --signature 'https://github.com/goreleaser/goreleaser-pro/releases/download/v1.25.1-pro/checksums.txt.sig' \ ./checksums.txt - If the signature is valid, you can then verify the SHA256 sums match with the downloaded binary:
sha256sum --ignore-missing -c checksums.txt
docker images¶
Our Docker images are signed with cosign.
Verify the signatures:
cosign verify \
--certificate-identity 'https://github.com/goreleaser/goreleaser/.github/workflows/release.yml@refs/tags/v1.25.1' \
--certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
goreleaser/goreleaser
cosign verify \
--certificate-identity 'https://github.com/goreleaser/goreleaser-pro-internal/.github/workflows/release-pro.yml@refs/tags/v1.25.1-pro' \
--certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
goreleaser/goreleaser-pro
Info
The .pem and .sig files are the image name:tag, replacing / and : with -.
Running with Docker¶
You can also use it within a Docker container. To do that, you'll need to execute something more-or-less like the examples below.
Registries:
Example usage:
docker run --rm --privileged \
-v $PWD:/go/src/github.com/user/repo \
-v /var/run/docker.sock:/var/run/docker.sock \
-w /go/src/github.com/user/repo \
-e GITHUB_TOKEN \
-e DOCKER_USERNAME \
-e DOCKER_PASSWORD \
-e DOCKER_REGISTRY \
goreleaser/goreleaser release
Registries:
Example usage:
docker run --rm --privileged \
-v $PWD:/go/src/github.com/user/repo \
-v /var/run/docker.sock:/var/run/docker.sock \
-w /go/src/github.com/user/repo \
-e GITHUB_TOKEN \
-e DOCKER_USERNAME \
-e DOCKER_PASSWORD \
-e DOCKER_REGISTRY \
-e GORELEASER_KEY \
goreleaser/goreleaser-pro release
Info
Now, the provided docker image does not support the generation of Snapcraft packages.
Note that the image will almost always have the last stable Go version.
The DOCKER_REGISTRY environment variable can be left empty when you are releasing to the public docker registry.
If you need more things, you are encouraged to keep your own image. You can always use GoReleaser's own Dockerfile as an example though and iterate from that.
Packaging status¶
Compiling from source¶
Here you have two options:
If you want to contribute to the project, please follow the steps on our contributing guide.
If you just want to build from source for whatever reason, follow these steps:
clone:
git clone https://github.com/goreleaser/goreleaser
cd goreleaser
get the dependencies:
go mod tidy
build:
go build -o goreleaser .
verify it works:
./goreleaser --version