sigstore · dlorenc · Mar 2, 2022 · Mar 2, 2022 · Mar 2, 2022
@@ -232,6 +232,68 @@ signs:
     args: ["sign-blob", "--output-signature", "${artifact}-keyless.sig", "--output-certificate", "${artifact}-keyless.pem", "${artifact}"]
     artifacts: checksum
 
+nfpms:
+  - id: cosign
+    package_name: cosign
+    file_name_template: "{{ .ConventionalFileName }}"
+    vendor: Sigstore
+    homepage: https://sigstore.dev
+    maintainer: Sigstore Authors 86837369+sigstore-bot@users.noreply.github.com
+    builds:
+      - linux
+      - linux-pivkey-pkcs11key-amd64
+    description: Container Signing, Verification and Storage in an OCI registry.
+    replacements:
+      amd64: 64-bit
+      386: 32-bit
+      darwin: macOS
+      linux: Tux
+    license: "Apache License 2.0"
+    formats:
+      - apk
+      - deb
+      - rpm
+
+  - id: cosigned
+    package_name: cosigned
+    file_name_template: "{{ .ConventionalFileName }}"
+    vendor: Sigstore
+    homepage: https://sigstore.dev
+    maintainer: Sigstore Authors 86837369+sigstore-bot@users.noreply.github.com
+    builds:
+      - linux-cosigned
+    description: Container Signing, Verification and Storage in an OCI registry.
+    replacements:
+      amd64: 64-bit
+      386: 32-bit
+      darwin: macOS
+      linux: Tux
+    license: "Apache License 2.0"
+    formats:
+      - apk
+      - deb
+      - rpm
+
+  - id: sget
+    package_name: sget
+    file_name_template: "{{ .ConventionalFileName }}"
+    vendor: Sigstore
+    homepage: https://sigstore.dev
+    maintainer: Sigstore Authors 86837369+sigstore-bot@users.noreply.github.com
+    builds:
+      - sget
+    description: a command for safer, automatic verification of signatures and integration with our binary transparency log, Rekor.
+    replacements:
+      amd64: 64-bit
+      386: 32-bit
+      darwin: macOS
+      linux: Tux
+    license: "Apache License 2.0"
+    formats:
+      - apk
+      - deb
+      - rpm
+
 archives:
 - format: binary
   name_template: "{{ .Binary }}"