S3

Since v0.74.0, GoReleaser supports pushing artifacts to Amazon S3 and other API-compatible object storages (minio for example).

Right now, the implementation is quite simple and probably won’t cover all use cases. If you need one of such use cases, please open an issue/pull request.

Here is what you can customize:

Customization

# .goreleaser.yml
s3:
  # You can have multiple s3 configs
  -
    # Template for the bucket name(without the s3:// prefix)
    # Default is empty.
    bucket: my-bucket
    # AWS Region to use.
    # Defaults is us-east-1
    region: us-east-1
    # Template for the path/name inside the bucket.
    # Default is `{{ .ProjectName }}/{{ .Tag }}`
    folder: "foo/bar/{{.Version}}"
    # Set a custom profile to use for this s3 config. If you have multiple
    # profiles setup in you ~/.aws config, this shall help defining which
    # profile to use in which s3 bucket.
    # Default is empty.
    profile: my-profile
    # Endpoint allows you to set a custom endpoint, which is useful if you
    # want to push your artifacts to a minio server for example.
    # Default is AWS S3 URL.
    endpoint: "http://minio.foo.com"
    # Sets the ACL of the object using the specified canned ACL.
    # Default is private.
    acl: public-read

Learn more about the name template engine. Learn more about the acl.

Authentication

GoReleaser will authenticate using the same methods defined by aws-cli. You can read the docs to find out more about it.

Currently it supports authentication with:

  • An EnvProvider which retrieves credentials from the environment variables of the running process. Environment credentials never expire. Environment variables used:
    • Access Key ID: AWS_ACCESS_KEY_ID or AWS_ACCESS_KEY
    • Secret Access Key: AWS_SECRET_ACCESS_KEY or AWS_SECRET_KEY
  • A SharedCredentialsProvider which retrieves credentials from the current user’s home directory, and keeps track if those credentials are expired. Profile ini file example: $HOME/.aws/credentials
  • A AssumeRoleTokenProvider with enabled SharedConfigState which uses MFA prompting for token code on stdin. Go to session doc for more details.

You can also set different profile names for each S3 config, so you may be able to push to buckets in different accounts, for example.

Last updated by Carlos Alexandro Becker on March 24, 2019. Improve this page.