Install¶

There are two GoReleaser distributions: OSS and Pro.

You can install the pre-compiled binary (in several ways), use Docker or compile from source (when on OSS).

Below you can find the steps for each of them.

Install the pre-compiled binary¶

homebrew tap¶

OSSPro

brew install goreleaser/tap/goreleaser

brew install goreleaser/tap/goreleaser-pro

homebrew¶

OSS

brew install goreleaser

Info

The formula in homebrew-core might be slightly outdated. Use our homebrew tap to always get the latest updates.

snapcraft¶

OSS

sudo snap install --classic goreleaser

scoop¶

OSSPro

scoop bucket add goreleaser https://github.com/goreleaser/scoop-bucket.git
scoop install goreleaser

scoop bucket add goreleaser https://github.com/goreleaser/scoop-bucket.git
scoop install goreleaser-pro

apt¶

OSSPro

echo 'deb [trusted=yes] https://repo.goreleaser.com/apt/ /' | sudo tee /etc/apt/sources.list.d/goreleaser.list
sudo apt update
sudo apt install goreleaser

echo 'deb [trusted=yes] https://repo.goreleaser.com/apt/ /' | sudo tee /etc/apt/sources.list.d/goreleaser.list
sudo apt update
sudo apt install goreleaser-pro

yum¶

OSSPro

echo '[goreleaser]
name=GoReleaser
baseurl=https://repo.goreleaser.com/yum/
enabled=1
gpgcheck=0' | sudo tee /etc/yum.repos.d/goreleaser.repo
sudo yum install goreleaser

echo '[goreleaser]
name=GoReleaser
baseurl=https://repo.goreleaser.com/yum/
enabled=1
gpgcheck=0' | sudo tee /etc/yum.repos.d/goreleaser.repo
sudo yum install goreleaser-pro

aur¶

OSSPro

yay -S goreleaser-bin

yay -S goreleaser-pro-bin

nix¶

nixpkgs¶

OSS

nix-env -iA goreleaser

Info

The package in nixpkgs might be slightly outdated, as it is not updated automatically. Use our NUR to always get the latest updates.

nur¶

First, you'll need to add our NUR to your nix configuration. You can follow the guides here.

Once you do that, you can install the packages.

OSSPro

{ pkgs, lib, ... }: {
  home.packages = with pkgs; [
    nur.repos.goreleaser.goreleaser
  ];
}

{ pkgs, lib, ... }: {
  home.packages = with pkgs; [
    nur.repos.goreleaser.goreleaser-pro
  ];
}

deb, rpm and apk packages¶

OSSPro

Download the .deb, .rpm or .apk packages from the OSS releases page and install them with the appropriate tools.

Download the .deb, .rpm or .apk packages from the Pro releases page and install them with the appropriate tools.

go install¶

OSS

go install github.com/goreleaser/goreleaser@latest

Requires Go 1.21.

bash script¶

OSSProAdditional Options

curl -sfL https://goreleaser.com/static/run | bash

curl -sfL https://goreleaser.com/static/run | DISTRIBUTION=pro bash

You can also set the VERSION and DISTRIBUTION variables to specify a version instead of using latest and pro or oss distributions, respectively.

You can also pass flags and args to GoReleaser:

curl -sfL https://goreleaser.com/static/run |
  VERSION=v1.23.0 DISTRIBUTION=oss bash -s -- check

curl -sfL https://goreleaser.com/static/run |
  VERSION=v1.23.0 DISTRIBUTION=pro bash -s -- check

Tip

This script does not install anything, it just downloads, verifies and runs GoReleaser. Its purpose is to be used within scripts and CIs.

manually¶

OSSPro

Download the pre-compiled binaries from the OSS releases page and copy them to the desired location.

Download the pre-compiled binaries from the Pro releases page and copy them to the desired location.

nightly¶

Nightly build are pre-releases of the current code into the main branch. Use it for testing out new features only.

manually¶

Pro

Download the pre-compiled binaries from the [nightly release][nighly-pro-releases] and copy them to the desired location.

bash script¶

Pro

curl -sfL https://goreleaser.com/static/run |
  VERSION=nightly DISTRIBUTION=pro bash -s -- release --clean

docker¶

Pro

Docker images are also available, look for tags with a -nightly suffix.

Registries:

Verifying the artifacts¶

binaries¶

All artifacts are checksummed, and the checksum file is signed with cosign.

OSSPro

Download the files you want, and the checksums.txt, checksum.txt.pem and checksums.txt.sig files from the releases page:
```
wget 'https://github.com/goreleaser/goreleaser/releases/download/v1.23.0/checksums.txt'
```

Verify the signature:

cosign verify-blob \
  --certificate-identity 'https://github.com/goreleaser/goreleaser/.github/workflows/release.yml@refs/tags/v1.23.0' \
  --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
  --cert 'https://github.com/goreleaser/goreleaser/releases/download/v1.23.0/checksums.txt.pem' \
  --signature 'https://github.com/goreleaser/goreleaser/releases/download/v1.23.0/checksums.txt.sig' \
  ./checksums.txt

If the signature is valid, you can then verify the SHA256 sums match with the downloaded binary:
```
sha256sum --ignore-missing -c checksums.txt
```

Download the files you want, and the checksums.txt, checksum.txt.pem and checksums.txt.sig files from the releases page:
```
wget 'https://github.com/goreleaser/goreleaser-pro/releases/download/v1.23.0-pro/checksums.txt'
```

Verify the signature:

cosign verify-blob \
  --certificate-identity 'https://github.com/goreleaser/goreleaser-pro-internal/.github/workflows/release-pro.yml@refs/tags/v1.23.0-pro' \
  --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
  --cert 'https://github.com/goreleaser/goreleaser-pro/releases/download/v1.23.0-pro/checksums.txt.pem' \
  --signature 'https://github.com/goreleaser/goreleaser-pro/releases/download/v1.23.0-pro/checksums.txt.sig' \
  ./checksums.txt

If the signature is valid, you can then verify the SHA256 sums match with the downloaded binary:
```
sha256sum --ignore-missing -c checksums.txt
```

docker images¶

Our Docker images are signed with cosign.

Verify the signatures:

OSSPro

cosign verify \
  --certificate-identity 'https://github.com/goreleaser/goreleaser/.github/workflows/release.yml@refs/tags/v1.23.0' \
    --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
  goreleaser/goreleaser

cosign verify \
  --certificate-identity 'https://github.com/goreleaser/goreleaser-pro-internal/.github/workflows/release-pro.yml@refs/tags/v1.23.0-pro' \
  --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
  goreleaser/goreleaser-pro

Info

The .pem and .sig files are the image name:tag, replacing / and : with -.

Running with Docker¶

You can also use it within a Docker container. To do that, you'll need to execute something more-or-less like the examples below.

OSSPro

Registries:

Example usage:

docker run --rm --privileged \
  -v $PWD:/go/src/github.com/user/repo \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -w /go/src/github.com/user/repo \
  -e GITHUB_TOKEN \
  -e DOCKER_USERNAME \
  -e DOCKER_PASSWORD \
  -e DOCKER_REGISTRY \
  goreleaser/goreleaser release

Registries:

Example usage:

docker run --rm --privileged \
  -v $PWD:/go/src/github.com/user/repo \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -w /go/src/github.com/user/repo \
  -e GITHUB_TOKEN \
  -e DOCKER_USERNAME \
  -e DOCKER_PASSWORD \
  -e DOCKER_REGISTRY \
  -e GORELEASER_KEY \
  goreleaser/goreleaser-pro release

Info

Now, the provided docker image does not support the generation of Snapcraft packages.

Note that the image will almost always have the last stable Go version.

The DOCKER_REGISTRY environment variable can be left empty when you are releasing to the public docker registry.

If you need more things, you are encouraged to keep your own image. You can always use GoReleaser's own Dockerfile as an example though and iterate from that.

Packaging status¶

Compiling from source¶

Here you have two options:

If you want to contribute to the project, please follow the steps on our contributing guide.

If you just want to build from source for whatever reason, follow these steps:

clone:

git clone https://github.com/goreleaser/goreleaser
cd goreleaser

get the dependencies:

go mod tidy

build:

go build -o goreleaser .

verify it works:

./goreleaser --version