NFPM is Not FPM - a simple deb, rpm and apk packager written in Go


NFPM

NFPM is Not FPM - a simple deb, rpm and apk packager written in Go.


Why

While fpm is great, for me, it is a bummer that it depends on ruby, tar and other software.

I wanted something that could be used as a binary and/or as a library and that was really simple.

So I created NFPM: a simpler, 0-dependency, as-little-assumptions-as-possible alternative to fpm.

Usage

Check the documentation at https://nfpm.goreleaser.com

Special thanks 🙏

Thanks to the fpm authors for fpm, which inspires nfpm a lot.

Donate

Donations are very much appreciated! You can donate/sponsor on the main goreleaser opencollective! It's easy and will surely help the developers at least buy some ☕️ or 🍺!



Would you like to fix something in the documentation? Feel free to open an issue.

Owner
GoReleaser
Deliver Go binaries as fast and easily as possible
Comments
  • feat: Add apk support


    Work in Progress - Not ready to commit, just looking for guidance

    This is my first stab at getting Torsten Curdt's work from Issue #39 into a PR to add generation of .apk installers.

    As you can see, I wander without much of a clue, so any pointers you can give as to "what to do next" are most welcome!

    Most of the linter issues are fixed, but the big nasty runit method (formerly known as main) still needs refactoring...

  • feat: add support for Arch Linux packages


    This PR adds support for Arch Linux packages.

    Like the previous PR (#141), this one generates .PKGINFO, .INSTALL, and .MTREE files.

    Unlike that PR, this one compresses the package with a pure-Go Zstandard implementation, which conforms with the new standard for Arch packages.

    I have successfully been able to install packages generated by this code, so it works, but there are no tests, so I am leaving it as a draft until I add tests and more comments to it.

    Closes #133 Closes #546

  • Add support for apk


    Would be nice to have support for alpine linux packages as well.

    http://wiki.alpinelinux.org/wiki/Creating_an_Alpine_package https://wiki.alpinelinux.org/wiki/Alpine_package_format

  • Add support for package scripts


    It would be nice to define scripts similar to fpm. The .goreleaser.yml could look like:

    nfpm:
      scripts:
        "verify":         "scripts/verify.sh"
        "before_upgrade": "scripts/before_upgrade_script.sh"
        "after_upgrade":  "scripts/after_upgrade_script.sh"
        "before_install":  "scripts/before_install_script.sh"
        "after_install":  "scripts/after_install_script.sh"
        "before_remove":  "scripts/before_remove_script.sh"
        "after_remove":   "scripts/after_remove_script.sh"
        "rpm_pretrans":   "scripts/rpm_pretrans_script.sh"
        "rpm_posttrans":  "scripts/rpm_posttrans_script.sh"
    

    Happy to help with a PR once we agreed on a way forward

  • Alpine 3.13 requires file checksums embedded in the apk


    The root cause for 284 was an update to alpine 3.13 which causes the apks built with nfpm to fail since we are not embedding the file checksums in the apk.

    I am currently researching where and how to embed these values, but so far have had no luck in finding where this is documented.

  • NFPM cannot sign packages with only the subkey present


    Describe the bug

    When attempting to sign packages with subkeys only (no main key present) the signing fails with the following error message:

    release failed after 11.33s error=nfpm failed: signing error: armored detach sign: decoding armored PGP keyring: openpgp: unsupported feature: hash for S2K function: 0
    

    This is most likely due to golang/go#23226

    To Reproduce

    Steps to reproduce the behavior:

    builds:
    nfpms:
      - rpm:
          signature:
            key_file: /tmp/signing.gpg
        deb:
          signature:
            key_file: /tmp/signing.gpg
        apk:
          signature:
            key_file: /tmp/signing.gpg
    

    The key needs to be generated with the following steps:

    $ gpg --full-generate-key
    # Complete the key setup
    $ gpg --edit-key [email protected]
    gpg> addkey
    # Complete adding the subkey
    gpg> quit
    Save changes? (y/N) y
    $ gpg --list-keys --with-keygrip
    $ rm -rf ~/.gnupg/private-keys-v1.d/ADD-MAIN-KEY-KEYGRIP-HERE.key
    $ gpg -a --export-secret-subkey [email protected] >/tmp/signing.gpg
    

    Expected behavior

    The signing should either work with the GnuPG agent instead of using a file, or it should read the GnuPG key correctly.

    Environment (please complete the following information):

    • OS: linux
    • OS version: Linux janoszen-desktop 4.19.128-janoszen-wsl #2 SMP Tue Dec 15 12:51:43 CET 2020 x86_64 x86_64 x86_64 GNU/Linux
    • GoReleaser Version 0.149.0

    Additional context:

    You can verify that the key is affected by this issue by running gpg --list-packets KEYFILE.gpg and looking for the gnu-dummy S2K packet.
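
The `gpg --list-packets` check described in the issue above can also be run in a release pipeline before the key file reaches the signer. The Go program below is an added example (not code from nfpm or from the issue) that walks a binary keyring and reports which secret-key packets carry the GnuPG S2K stub. The names `isGNUStub`, `StubTags` and `SampleRing` are hypothetical, and it assumes de-armored input, old-format packet headers as GnuPG writes for key packets, and v4 RSA/DSA/ElGamal keys.

```go
package main

import "fmt"

// isGNUStub reports whether a v4 secret-key body holds a GnuPG S2K stub (type 101).
func isGNUStub(body []byte) (bool, error) {
	mpis := map[byte]int{1: 2, 2: 2, 3: 2, 16: 3, 17: 4} // RSA, ElGamal, DSA
	if len(body) < 6 || body[0] != 4 || mpis[body[5]] == 0 {
		return false, fmt.Errorf("unsupported key packet (need v4 RSA/DSA/ElGamal)")
	}
	p := 6 // offset just past version, creation time and algorithm octets
	for i := 0; i < mpis[body[5]]; i++ { // skip public MPIs: bit count + value
		if len(body) < p+2 {
			return false, fmt.Errorf("truncated public key material")
		}
		p += 2 + (int(body[p])<<8|int(body[p+1])+7)/8
	}
	if len(body) < p+8 {
		return false, fmt.Errorf("truncated secret key material")
	}
	// Usage 254/255 is followed by cipher, S2K type, hash; type 101 adds "GNU"+mode.
	return body[p] >= 254 && body[p+2] == 101 && string(body[p+4:p+7]) == "GNU", nil
}

// StubTags returns the tag (5 primary, 7 subkey) of each stub key in a binary keyring.
func StubTags(b []byte) (stubs []byte, err error) {
	for len(b) > 0 {
		hdr := 1 + 1<<(b[0]&3) // tag octet plus 1, 2 or 4 length octets
		if b[0]&0xc0 != 0x80 || b[0]&3 == 3 || len(b) < hdr {
			return nil, fmt.Errorf("not an old-format OpenPGP packet header")
		}
		n := 0
		for _, o := range b[1:hdr] {
			n = n<<8 | int(o)
		}
		if n < 0 || len(b)-hdr < n {
			return nil, fmt.Errorf("packet body truncated")
		}
		if tag := b[0] >> 2 & 0x0f; tag == 5 || tag == 7 {
			stub, err := isGNUStub(b[hdr : hdr+n])
			if err != nil {
				return nil, err
			}
			if stub {
				stubs = append(stubs, tag)
			}
		}
		b = b[hdr+n:]
	}
	return stubs, nil
}

// SampleRing is constructed data, not a real key: a primary-key packet holding a
// gnu-dummy stub, then a subkey packet with ordinary protected secret material.
func SampleRing() []byte {
	pub := []byte{4, 0x5f, 0xd8, 0, 0, 1, 0, 16, 0xc5, 0x3b, 0, 17, 1, 0, 1}
	ring := append([]byte{0x94, 23}, pub...)
	ring = append(ring, 255, 0, 101, 0, 'G', 'N', 'U', 1) // usage, cipher, S2K, hash
	ring = append(append(ring, 0x9c, 30), pub...)
	return append(ring, 254, 9, 3, 2, 1, 2, 3, 4, 5, 6, 7, 8, 0x60, 0xaa, 0xbb)
}

func main() {
	fmt.Println(StubTags(SampleRing()))
}
```

A result containing tag 5 means the primary key is a stub, which is the subkey-only export this issue describes. Armored files need `gpg --dearmor` first.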

  • Added options to add systemd unit and create users


    changes:

    • feat: option to add systemd service unit
    • feat: option to add users on package install
    • feat: options to define files and directory ownership in config

    #55 #15

  • feat: replace glob library


    BREAKING CHANGE: may have unintended side-effects.

    closes #232

    error message when no files match a glob changed, because now it's handled in another place... but seems like tests are still passing...

  • Add RPM install/upgrade scriptlet examples to documentation


    What happened?

    When upgrading rpm packages, the scripts generated by nfpm do not do the right thing for upgrades. For instance, look at the pre-install script generated by nfpm, (using rpm -qp --scripts <rpmfile>) it looks like:

    preinstall scriptlet (using /bin/sh):
    #!/bin/bash
    echo "Creating user and group..."
    GROUPNAME="tyk"
    USERNAME="tyk"
    
    getent group "$GROUPNAME" >/dev/null || groupadd -r "$GROUPNAME"
    getent passwd "$USERNAME" >/dev/null || useradd -r -g "$GROUPNAME" -M -s /sbin/nologin -c "Tyk service user" "$USERNAME"
    

    While the package generated by fpm looks like:

    preinstall scriptlet (using /bin/sh):
    upgrade() {
        :
    #!/bin/bash
    echo "Removing init scripts..."
    
    SYSTEMD="/lib/systemd/system"
    UPSTART="/etc/init"
    SYSV1="/etc/init.d"
    SYSV2="/etc/rc.d/init.d/"
    DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
    
    if [ -f "/lib/systemd/system/tyk-dashboard.service" ]; then
    	echo "Found Systemd"
    	echo "Stopping the service"
    	systemctl stop tyk-dashboard.service
    	echo "Removing the service"
    	rm /lib/systemd/system/tyk-dashboard.service
    	systemctl --system daemon-reload
    fi
    
    if [ -f "/etc/init/tyk-dashboard.conf" ]; then
    	echo "Found upstart"
    	echo "Stopping the service"
    	stop tyk-dashboard
    	echo "Removing the service"
    	rm /etc/init/tyk-dashboard.conf
    fi
    
    if [ -f "/etc/init.d/tyk-dashboard" ]; then
    	echo "Found Sysv1"
    	/etc/init.d/tyk-dashboard stop
    	rm /etc/init.d/tyk-dashboard
    fi
    
    if [ -f "/etc/rc.d/init.d/tyk-dashboard" ]; then
    	echo "Found Sysv2"
    	echo "Stopping the service"
    	/etc/rc.d/init.d/tyk-dashboard stop
    	echo "Removing the service"
    	rm /etc/rc.d/init.d/tyk-dashboard
    fi
    
    }
    _install() {
        :
    #!/bin/bash
    echo "Creating user and group..."
    GROUPNAME="tyk"
    USERNAME="tyk"
    
    getent group "$GROUPNAME" >/dev/null || groupadd -r "$GROUPNAME"
    getent passwd "$USERNAME" >/dev/null || useradd -r -g "$GROUPNAME" -M -s /sbin/nologin -c "Tyk service user" "$USERNAME"
    
    }
    if [ "${1}" -eq 1 ]
    then
        # "before install" goes here
        _install
    elif [ "${1}" -gt 1 ]
    then
        # "before upgrade" goes here
        upgrade
    fi
    

    The fpm version does the right thing imho.

    How can we reproduce this?

    Using https://packagecloud.io/tyk/tyk-gateway-unstable,

    # yum install tyk-gateway-3.0.5~rc2
    # yum install tyk-gateway-3.0.7~rc23
    

    You will see that the systemd service file is removed at the end of the upgrade as it is in the postuninstall trigger of the old package.

    As per the spec, the postuninstall trigger of the old package runs after the postinstall trigger of the new package. This is a little confusing but the fpm generated trigger scripts use $1 to figure out the right situation.

    I can't be the first to encounter this problem but I'm not sure if I am doing something wrong.

    You can see the goreleaser config at https://github.com/TykTechnologies/tyk/blob/master/.goreleaser.yml#L263-L266

    goreleaser version

    goreleaser version 0.155.0
    

    GoReleaser Check

    • [X] goreleaser check shows no errors

    Search

    • [X] I did search for other open and closed issues before opening this.

    Code of Conduct

    • [X] I agree to follow this project's Code of Conduct

    Additional context

    I have also checked the scripts with GoReleaser version v0.169.0 and the scripts are generated without reference to $1.

    We also have a goreleaser license from gumroad, if that makes a difference.

  • Signed RPMs failed to install via yum/dnf on RHEL7/CentOS7


    Describe the bug

    We are using the new RPM sign feature, and everything seems to work fine until installation.

    Installation with yum:

    Total download size: 4.5 M
    Installed size: 12 M
    Background downloading packages, then exiting:
    error: /var/cache/yum/x86_64/7Server/linux-rpm-releases-local/packages/lslbgen-0.0.3.x86_64.rpm: Verify signature: BAD PARAMETERS (1002 0x31ecea0 72 (nil) 0x2bde520)
    Problem opening package lslbgen-0.0.3.x86_64.rpm
    lslbgen-0.0.3.x86_64.rpm    
    

    We get the error Verify signature: BAD PARAMETERS (1002 0x31ecea0 72 (nil) 0x2bde520)

    If we inspect the package with rpm everything seems ok:

    rpm -K /var/cache/yum/x86_64/7Server/linux-rpm-releases-local/packages/lslbgen-0.0.3.x86_64.rpm -v
    /var/cache/yum/x86_64/7Server/linux-rpm-releases-local/packages/lslbgen-0.0.3.x86_64.rpm:
        V4 DSA/SHA256 Signature, key ID 499702cb: OK
    

    We also tried with a RSA key and we get the same error.

    With RHEL8 it is possible to install the package via yum/dnf without a problem.

    To Reproduce

    Build a signed RPM. Install the resulting package.

    Expected behavior

    Installation should be possible.

    Environment (please complete the following information):

    uname -a
    Linux 3.10.0-1160.2.2.el7.x86_64 #1 SMP Sat Oct 17 05:06:47 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
    

    Additional context

    Add any other context about the problem here. Full output log with debug on is probably a helpful thing to add here.

  • feat(#42): Support Changelogs


    This pull request adds the ability to add a changelog by specifying a compatible YAML file in the configuration file. This pull request was built based on the djgilcrease's great pull request #105, however, the following changes were made:

    • All properties of the changelog are entirely defined by the changelog YAML file. No default changelog entry is created and no information is sourced from Info. nfpm should not manage the changelog. Instead, it should only provide the means to add your own changelog to a package.
    • If no changelog YAML file is specified, nothing changelog-related is added to the package for users that explicitly do not want a changelog.
    • Dependency on a specific pull request branch of the rpmpack repo was removed. This was necessary because the pull request was closed. A different API for the same purpose was added since, so I used this API.
    • The nomenclature for the configuration file was changed from chglog to changelog to be more clear for a better user experience.
    • The pull request is compatible with master again.
    • I did not add any changelog information for the nfpm package itself, because this pull request only concerns the feature support and maintenance of the nfpm package itself is kind of orthogonal to that.
  • slow rpm/armv7 tests


    the build / acceptance-tests (rpm, armv7) test run takes ages to run, sometimes timing out... seems to be related to slow rpm servers for arm7...

    I wonder if it's worth keeping this in the build... I never wait for it anyway 🤔

    wdyt? @goreleaser/nfpm

  • Support IPK package format


    Is your feature request related to a problem? Please describe.

    Create a package for an OpenWrt or another embedded distribution that uses opkg and ipkg packages, which are simplified Debian packages.

    Describe the solution you'd like

    To be able to generate an ipk, as deb packaging is supported

    Describe alternatives you've considered

    Build the packages by myself.

    Search

    • [X] I did search for other open and closed issues before opening this.

    Code of Conduct

    • [X] I agree to follow this project's Code of Conduct

    Additional context

    No response

  • Generate .changes files for debian packages


    Is your feature request related to a problem? Please describe.

    I need to upload debian packages to reprepro for distribution to internal package mirrors. Reprepro needs a .changes file. I'm able to generate a debian compatible changelog using chglog, but I'm unable to create the .changes file.

    I found this issue, which refers to an earlier one, but both only mention generating the changelog itself. I'm unable to find any documentation that speaks to generating the .changes control file.

    Describe the solution you'd like

    I'm happy to provide the PR that generates the .changes file as documented here.

    Since this would be my first contribution to this project, I would like to engage the maintainers and community for advice first.

    • Do you feel this belongs in nfpm, or another goreleaser repo?
    • Does this change fit within the current roadmap of this project?
    • Is this feature desirable enough for the maintainers to warrant their time reviewing my PR?

    Describe alternatives you've considered

    An alternative is for me to use dpkg-genchanges to generate the file, but nfpm is already signing my .deb file, so I would like it to sign the .changes file as well.

    Search

    • [X] I did search for other open and closed issues before opening this.

    Code of Conduct

    • [X] I agree to follow this project's Code of Conduct

    Additional context

    No response

  • Provide files as tgz


    It seems like right now there is no way to specify a full tgz for the files that should go into the package. And there is no way to specify the ownership and permissions in detail (that I see).

    Would be great if one could provide a complete tgz as the data section of package.
